|
|||
Rule General Information |
---|
Release Date: | 2014-12-30 | |
Rule Name: | Microsoft Windows Media Player BMP File Handling Buffer Overflow Vulnerability -2 (CVE-2006-0006) | |
Severity: | ||
CVE ID: | ||
CNNVD ID: | ||
Rule Protection Details |
---|
Description: | Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data. | |
Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
Affected OS: | Windows | |
Reference: | MicrosoftSecurityBulletin:ms06-005 SecurityFocusBID:16633 |
|
Solutions |
---|
Microsoft has released a patch MS06-005 to eliminate the vulnerability. The patch can be downloaded at http://www.microsoft.com/technet/security/bulletin/ms06-005.mspx |