← Back

CVE-2006-0005

nvd nist
Published: Feb 14, 2006Modified: Apr 16, 2026

JSON object

Loading...
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD

Description

Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.

Affected (45)

Microsoft
7 products
Windows Nt
Windows 2000
Windows 2000 Advanced Server
Windows 2003 Server
Windows Server 2000
Windows Server 2003
Windows Xp
Configuration A
45 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Windows Nt
Version datacenter_server
Windows Nt
Version datacenter_server sp1
Windows Nt
Version datacenter_server sp2
Windows Nt
Version datacenter_server sp3
Windows Nt
Version datacenter_server sp4
Windows Nt
Version xp sp2
Windows Nt
Version xp_tablet_pc
Windows Nt
Version xp_tablet_pc sp1
Windows Nt
Version xp_tablet_pc sp2
Microsoft
Windows 2000
All versions
Windows 2000
All versions
Windows 2000
All versions
Windows 2000
All versions
Windows 2000
All versions
Windows 2000
All versions
Microsoft
Windows 2000 Advanced Server
All versions
Windows 2000 Advanced Server
Version sp1
Windows 2000 Advanced Server
Version sp2
Windows 2000 Advanced Server
Version sp3
Windows 2000 Advanced Server
Version sp4
Microsoft
Windows 2003 Server
Version datacenter_edition
Windows 2003 Server
Version datacenter_edition_64-bit
Windows 2003 Server
Version enterprise_edition
Windows 2003 Server
Version enterprise_edition_64-bit
Windows 2003 Server
Version standard
Windows 2003 Server
Version standard_64-bit
Windows 2003 Server
Version web_edition
Microsoft
Windows Server 2000
Version none
Windows Server 2000
Version sp1
Windows Server 2000
Version sp2
Windows Server 2000
Version sp3
Microsoft
Windows Server 2003
Version datacenter_sp1
Windows Server 2003
Version enterprise_sp1
Windows Server 2003
Version standard_sp1
Windows Server 2003
Version web_edition_sp1
Microsoft
Windows Xp
All versions
Windows Xp
All versions
Windows Xp
All versions
Windows Xp
All versions
Windows Xp
All versions
Windows Xp
All versions
Windows Xp
All versions
Windows Xp
All versions
Windows Xp
All versions
Windows Xp
All versions

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (20)

Source: secure@microsoft.com
Vendor Advisory
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
US Government Resource
Source: secure@microsoft.com
Source: secure@microsoft.com
US Government Resource
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.