CVE-2004-0726

high

Description

The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the local computer zone via an ASX filename that contains javascript, which is executed in the local context in a preview panel.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16704

http://marc.info/?l=bugtraq&m=108965512912175&w=2

Details

Source: Mitre, NVD

Published: 2004-07-27

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.3

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.13313