CVE-2004-1324

Microsoft Windows Media Player 9.0 - XSS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1324. PoCs published by Arman Nayyeri.

AI-analyzed exploit summary This exploit demonstrates a weakness in the Windows Media Player ActiveX control that allows manipulation of media file attributes (e.g., Artist, Title, Album) via script injection. It leverages the ability to modify metadata in local files, potentially leading to arbitrary code execution if combined with another vulnerability.

Description

The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Arman Nayyeri · htmlremotewindows

https://www.exploit-db.com/exploits/25031

View Code ZIP pw:eip

This exploit demonstrates a weakness in the Windows Media Player ActiveX control that allows manipulation of media file attributes (e.g., Artist, Title, Album) via script injection. It leverages the ability to modify metadata in local files, potentially leading to arbitrary code execution if combined with another vulnerability.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Windows Media Player 9

No auth needed

Prerequisites: Windows Media Player 9 installed · Winamp installed in default directory (c:\program files\winamp\winamp.m3u) · Victim must visit a malicious webpage

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →