Microsoft Media Player Version 9 PNG Multiple Vulnerabilities (deprecated)

Medium Nessus Network Monitor Plugin ID 2602

Synopsis

The remote host is vulnerable to a buffer overflow

Description

The remote host is running Microsoft Media Player Version 9. There is a flaw in this version of Media Player that would allow a remote attacker to potentially execute code on the target host. Exploiting this flaw would require that the attacker be able to convince a local user to open an email or browse to a malicious URL.

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://www.microsoft.com/technet/security/bulletin/ms05-009.mspx

Plugin Details

Severity: Medium

ID: 2602

File Name: 2602.prm

Family: Generic

Published: 2005/02/08

Modified: 2016/02/05

Dependencies: 2601

Nessus ID: 16328

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:A/AC:H/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

CVSSv3

Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS3#AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:H/RL:O/RC:C

Reference Information

CVE: CVE-2004-0598, CVE-2004-0599, CVE-2004-0718, CVE-2004-0722, CVE-2004-0757, CVE-2004-0758, CVE-2004-0759, CVE-2004-0760, CVE-2004-0761, CVE-2004-0762, CVE-2004-0763, CVE-2004-0764, CVE-2005-0399, CVE-2005-0989, CVE-2005-1153, CVE-2005-1154, CVE-2005-1155, CVE-2005-1156, CVE-2005-1157, CVE-2005-1159, CVE-2005-1160, CVE-2005-1476, CVE-2005-1477, CVE-2005-1531, CVE-2005-1532, CVE-2005-2701, CVE-2005-2702, CVE-2005-2703, CVE-2005-2704, CVE-2005-2705, CVE-2005-2706, CVE-2005-2707, CVE-2005-2968, CVE-2004-0597, CVE-2004-1244

BID: 10857, 15495, 12506, 12485

OSVDB: 13597, 15241, 59316, 7466, 7939, 8312, 8313, 8326