| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS10-026 | Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816) | Windows Media | Critical | 14-04-2010 |
Technical Information
Brief overview of the risk:
This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if Windows Media Player opened specially crafted media content hosted on a malicious Web site.
Detailed Information on the risk:
A remote code execution vulnerability exists in the Windows Media Player ActiveX control. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs or view, change, or delete data with full user rights.
Further information on this exploit is available at : MS10-027
Affected Software
Windows Media Player 9 Series (Microsoft Windows 2000 Service Pack 4)Windows Media Player 9 Series (Windows XP Service Pack 2)
Windows Media Player 9 Series (Windows XP Service Pack 3)