CVE-2002-1847

Windows Media Player 6.3-7.1 - Buffer Overflow via MP3 Filename Command Line Argument

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1847. PoCs published by ken@FTU.

AI-analyzed exploit summary The exploit describes a buffer overflow vulnerability in Microsoft Windows Media Player when invoked with an oversized filename. It provides commands to reproduce the issue locally and remotely via an unpatched IIS server.

Description

Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. NOTE: since the only known attack vector requires command line access, this may not be a vulnerability.

Exploits (1)

exploitdb WRITEUP VERIFIED
by ken@FTU · textremotewindows
https://www.exploit-db.com/exploits/21670

The exploit describes a buffer overflow vulnerability in Microsoft Windows Media Player when invoked with an oversized filename. It provides commands to reproduce the issue locally and remotely via an unpatched IIS server.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Microsoft Windows Media Player (version unspecified)
No auth needed
Prerequisites: Access to command prompt or unpatched IIS server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/285082
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5357
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/9727.php

Scores

EPSS 0.3361
EPSS Percentile 98.2%

Details

Status published
Products (5)
microsoft/windows_media_player
microsoft/windows_media_player 6.3
microsoft/windows_media_player 6.4
microsoft/windows_media_player 7
microsoft/windows_media_player 7.1
Published Dec 31, 2002
Tracked Since Feb 18, 2026