CVE-2015-1728

CWE-173 documents3 sources

Severity

9.3CRITICAL

EPSS

26.9%

top 3.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows Media Player

Timeline

PublishedJun 10

Latest updateMay 14

Description

Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/windows_media_player10 versions+9

🔴Vulnerability Details

GHSA

GHSA-grc3-3wm6-wpmf: Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Me↗2022-05-14

▶

CVEList

CVE-2015-1728: Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Me↗2015-06-10

▶