HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2015-1728

CVSS 9.3v2.0pub. 2015-06-10upd. 2026-05-06

Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability."

CVSS Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
  • Microsoft Windows Media Player

    APP
    Microsoft
    1010.00.00.364610.00.00.399010.00.00.401910.00.00.40361111.0.5721.514511.0.5721.523011.0.6000.632412
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2013-3127HIGH9.3ten sam produkt

The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvde...

CVE-2010-2745HIGH9.3ten sam produkt

Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload...

CVE-2010-3138HIGH9.3ten sam produkt

Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local...

CVE-2010-0268HIGH9.3ten sam produkt

Unspecified vulnerability in the Windows Media Player ActiveX control in Windows Media Player (WMP) 9 on Micro...

CVE-2009-4309HIGH9.3ten sam produkt

Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, ...