Microsoft Windows Media Player File Attachment Script Execution Vulnerability

Reportedly, Microsoft Windows Media Player may allow malicious file attachments to execute arbitrary code in the context of the local system. Specifically the vulnerability is due to incorrect validation of WMD (*.wmd) files. WMD (Windows Media Download) packages are used by Media Player to store files in a user's known Virtual Music directory.

It is possible for an attacker to compose a malicious WMD file consisting of a malicious .ASX and .ASF file, have Media Player extract these files into a known location and then execute the malicious code.

** It has been reported that other local files may also be executed by exploiting this vulnerability. If a script file is inserted into a known location, such as the Temporary Internet Files folder, Windows Media Player may execute the script file through a particular URL contained within the .asf file.


Privacy Statement
Copyright 2010, SecurityFocus