New Search

Windows Media Player Directory Traversal

oval:org.mitre.oval:def:321

Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2003-0228
Product(s):
  • Windows Media Player for Windows XP