Intrusion Prevention
MS.Windows.Media.Player.ASX.Playlist.Remote.Command.Execution
Description
This indicates an attack attempt against a heap-based buffer-overflow vulnerability in Microsoft Windows Media Player (WMP).
The vulnerability exists in the WMCheckURLScheme function in WMVCORE.DLL, which is part of WMP 10.00.00.4036 on Windows XP SP2, Server 2003, and Server 2003 SP1. Remote attackers may exploit this to cause a denial-of-service condition, or to execute arbitrary code.
Affected Products
Microsoft Windows Media Player 10.x
Microsoft Windows Media Player 6.x
Microsoft Windows Media Player 7.x
Microsoft Windows Media Player 8.x
Microsoft Windows Media Player 9.x
Impact
Denial of service
Remote code execution
Recommended Actions
Upgrade to Windows Media Player 11 or apply patches.