CVE-2002-0340 — Microsoft Windows Media Player vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

4.0%

top 11.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows Media Player

Timeline

PublishedJun 25

Latest updateApr 30

Description

Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, which could make it easier for attackers to conduct unauthorized activities via Trojan horse files containing .wmf content.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/windows_media_player8.00.00.4477

🔴Vulnerability Details

GHSA

GHSA-2wj7-rh7r-r9rv: Windows Media Player (WMP) 8↗2022-04-30

▶

CVEList

CVE-2002-0340: Windows Media Player (WMP) 8↗2002-05-03

▶