Vulnerability Name: | CVE-2002-0372 (CCN-9420) | ||||||||
Assigned: | 2002-06-26 | ||||||||
Published: | 2002-06-26 | ||||||||
Updated: | 2018-10-30 | ||||||||
Summary: | Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement stored in the IE cache, aka the "Cache Path Disclosure via Windows Media Player". | ||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2002-0372 Source: CCN Type: CIAC Information Bulletin M-096 Microsoft Windows Media Player Vulnerabilities Source: XF Type: UNKNOWN mediaplayer-cache-code-execution(9420) Source: CCN Type: Microsoft Security Bulletin MS02-032 26 June 2002 Cumulative Patch for Windows Media Player (Q320920) Source: CCN Type: OSVDB ID: 5312 Microsoft Windows Media Player .wma IE Cache Arbitrary Code Execution Source: BID Type: UNKNOWN 5107 Source: CCN Type: BID-5107 Windows Media Player IE Cache Path Disclosure Vulnerability Source: MS Type: UNKNOWN MS02-032 Source: XF Type: UNKNOWN mediaplayer-cache-code-execution(9420) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:281 | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
Oval Definitions | |||||||||
| |||||||||
BACK |