| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS15-057 | Vulnerability in Windows Media Player Could Allow Remote Code Execution (3033890) | Windows Media | Critical | 10-06-2015 |
Technical Information
Brief overview of the risk:
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Windows Media Player opens specially crafted media content that is hosted on a malicious website. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely.
Detailed Information on the risk:
A remote code execution vulnerability exists in the way that Windows Media Player handles specially crafted DataObjects. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Further information on this exploit is available at : MS15-057
Windows Media Player 11
Windows Media Player 12
Affected Software
Windows Media Player 10Windows Media Player 11
Windows Media Player 12