CVE-2004-1244 — Microsoft Windows Media Player vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

42.5%

top 2.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows Media Player

Timeline

PublishedFeb 8

Latest updateApr 29

Description

Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/windows_media_player9

Patches

Patch: www.kb.cert.org ↗Patch: www.us-cert.gov ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-wvcf-x376-222j: Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG↗2022-04-29

▶

CVEList

CVE-2004-1244: Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG↗2005-02-08

▶