CVE-2005-2128 — Microsoft Windows Media Player vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

54.5%

top 1.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows Media Player

Timeline

PublishedOct 12

Latest updateMay 1

Description

QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/windows_media_player9

🔴Vulnerability Details

GHSA

GHSA-4p74-rhx5-4m8c: QUARTZ↗2022-05-01

▶

CVEList

CVE-2005-2128: QUARTZ↗2005-10-11

▶