Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-4288Microsoft Windows Media Player vulnerability

4 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
52.0%
top 2.08%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Windows Media Player
Timeline
PublishedAug 9
Latest updateMay 1

Description

Microsoft Windows Media Player 11 (wmplayer.exe) allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted .au file that triggers a divide-by-zero error, as demonstrated by iapetus.au.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-p44w-q7f3-xgf6: Microsoft Windows Media Player 11 (wmplayer2022-05-01
CVEList
CVE-2007-4288: Microsoft Windows Media Player 11 (wmplayer2007-08-09

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows Media Player 11 - AU Divide-by-Zero Denial of Service2007-08-08
CVE-2007-4288 — Microsoft vulnerability | cvebase