Microsoft Media Player Version 9 PNG Multiple Vulnerabilities (deprecated)

high Nessus Network Monitor Plugin ID 2602

Synopsis

The remote host is vulnerable to a buffer overflow

Description

The remote host is running Microsoft Media Player Version 9. There is a flaw in this version of Media Player that would allow a remote attacker to potentially execute code on the target host. Exploiting this flaw would require that the attacker be able to convince a local user to open an email or browse to a malicious URL.

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://www.microsoft.com/technet/security/bulletin/ms05-009.mspx

Plugin Details

Severity: High

ID: 2602

Family: Generic

Published: 2/8/2005

Updated: 3/6/2019

Nessus ID: 16328

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:A/AC:H/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.2

Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Reference Information

CVE: CVE-2004-0597, CVE-2004-0598, CVE-2004-0599, CVE-2004-0718, CVE-2004-0722, CVE-2004-0757, CVE-2004-0758, CVE-2004-0759, CVE-2004-0760, CVE-2004-0761, CVE-2004-0762, CVE-2004-0763, CVE-2004-0764, CVE-2004-1244, CVE-2005-0399, CVE-2005-0989, CVE-2005-1153, CVE-2005-1154, CVE-2005-1155, CVE-2005-1156, CVE-2005-1157, CVE-2005-1159, CVE-2005-1160, CVE-2005-1476, CVE-2005-1477, CVE-2005-1531, CVE-2005-1532, CVE-2005-2701, CVE-2005-2702, CVE-2005-2703, CVE-2005-2704, CVE-2005-2705, CVE-2005-2706, CVE-2005-2707, CVE-2005-2968

BID: 15495, 10857, 12506, 12485