Microsoft Windows Media Player Automatic File Download and Execution Vulnerability

Windows Media Player reportedly allows for the automatic downloading and execution of files. This is done using a specifically crafted XMLNS (XML Name Space) URI embedded within an HTML email message. Combined with the vulnerability described in BID 5543, this allows Windows Media Player to download and execute the referenced file without user intervention.


 

Privacy Statement
Copyright 2010, SecurityFocus