CVE-2008-4927

Windows Media Player 9.0-11 - Denial of Service via Malformed MIDI or DAT File

Title source: llm
STIX 2.1

Description

Microsoft Windows Media Player (WMP) 9.0 through 11 allows user-assisted attackers to cause a denial of service (application crash) via a malformed (1) MIDI or (2) DAT file, related to "MThd Header Parsing." NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32077

Scores

EPSS 0.0403
EPSS Percentile 89.4%

Details

CWE
CWE-20
Status published
Products (3)
microsoft/windows_media_player 9
microsoft/windows_media_player 10
microsoft/windows_media_player 11
Published Nov 04, 2008
Tracked Since Feb 18, 2026