CVE-2006-6134

Windows Media Player - Heap-based Buffer Overflow via ASX PlayList REF Element

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE.DLL in Microsoft Windows Media Player (WMP) 10.00.00.4036 on Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long HREF attribute, using an unrecognized protocol, in a REF element in an ASX PlayList file.

References (15)

Core 15
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1017354
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/1922
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/208769
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22971
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/452352/100/0/threaded
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA06-346A.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A669
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://www.securityfocus.com/archive/1/454969/100/200/threaded
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4882
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21247
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/453579/100/0/threaded

Scores

EPSS 0.4128
EPSS Percentile 98.5%

Details

CWE
CWE-119
Status published
Products (1)
microsoft/windows_media_player 10.00.00.4036
Published Nov 28, 2006
Tracked Since Feb 18, 2026