Microsoft Windows Media Player Remote Skin Decompression Code Execution Vulnerability

Bugtraq ID: 25307
Class: Boundary Condition Error
CVE: CVE-2007-3035
Remote: Yes
Local: No
Published: Aug 14 2007 12:00AM
Updated: Aug 13 2008 07:16PM
Credit: Piotr Bania, working with TippingPoint and the Zero Day Initiative, reported this issue to the vendor.
Vulnerable: Microsoft Windows Media Player 9.0
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 Web Edition
Microsoft Windows Media Player 7.1
- Microsoft Windows 98
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0
Microsoft Windows Media Player 11
Microsoft Windows Media Player 10.0
Avaya Customer Interaction Express (CIE) User Interface 1.0.2
Avaya Customer Interaction Express (CIE) User Interface 1.0
Avaya Customer Interaction Express (CIE) Server 1.0
Avaya CIE 1.0.2
Avaya CIE 1.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus