Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-6236

CWE-1894 documents4 sources
Severity
5.0MEDIUM
EPSS
33.2%
top 3.10%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Windows Media Player
Timeline
PublishedDec 4
Latest updateMay 1

Description

Microsoft Windows Media Player (WMP) allows remote attackers to cause a denial of service (application crash) via a certain AIFF file that triggers a divide-by-zero error, as demonstrated by kr.aiff.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-754q-9r9j-jrw6: Microsoft Windows Media Player (WMP) allows remote attackers to cause a denial of service (application crash) via a certain AIFF file that triggers a2022-05-01
CVEList
CVE-2007-6236: Microsoft Windows Media Player (WMP) allows remote attackers to cause a denial of service (application crash) via a certain AIFF file that triggers a2007-12-04

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows Media Player - '.AIFF' Divide By Zero Exception Denial of Service (PoC)2007-11-29
CVE-2007-6236 (MEDIUM CVSS 5) | Microsoft Windows Media Player (WMP | cvebase.io