MS06-006: Vulnerability in Windows Media Player Plug-in Could Allow Remote Code Execution (911564)
High Nessus Plugin ID 20906
SynopsisArbitrary code can be executed on the remote host through Media Player.
DescriptionThe remote host is running the Windows Media Player plug-in.
There is a vulnerability in the remote version of this software that could allow an attacker to execute arbitrary code on the remote host.
To exploit this flaw, an attacker would need to send a specially crafted media file with a rogue EMBED element and have a user on the affected host open it with the plug-in.
SolutionMicrosoft has released a set of patches for Windows 2000, XP and 2003.