|
|
|||
| Rule General Information |
|---|
| Release Date: | 2014-12-30 | |
| Rule Name: | Microsoft Windows Media Player BMP File Handling Buffer Overflow Vulnerability -2 (CVE-2006-0006) | |
| Severity: | ||
| CVE ID: | ||
| CNNVD ID: | ||
| Rule Protection Details |
|---|
| Description: | Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data. | |
| Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
| Affected OS: | Windows | |
| Reference: | MicrosoftSecurityBulletin:ms06-005 SecurityFocusBID:16633 |
|
| Solutions |
|---|
| Microsoft has released a patch MS06-005 to eliminate the vulnerability. The patch can be downloaded at http://www.microsoft.com/technet/security/bulletin/ms06-005.mspx |