HIGH✓ PATCH🇬🇧 English

CVE-2010-2745

CVSS 9.3v2.0pub. 2010-10-13upd. 2026-04-29

Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerability."

oryginał EN
CVSS Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
  • Microsoft Windows 2003 Server

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows 7

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Media Player

    APP
    Microsoft
    1011129
  • Microsoft Windows Server 2003

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Server 2008

    OS
    Microsoft
    r2
  • Microsoft Windows Vista

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Xp

    OS
    Microsoft
    wszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2020-1350CRITICAL10.0⚠ KEVten sam produkt

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly ...

CVE-2020-1040CRITICAL9.0⚠ KEVten sam produkt

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly val...

CVE-2020-0646CRITICAL9.8⚠ KEVten sam produkt

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properl...

CVE-2019-0708CRITICAL9.8⚠ KEVten sam produkt

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services wh...

CVE-2017-8543CRITICAL9.8⚠ KEVten sam produkt

Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows S...