Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Windows Media Player file download and execution

Windows Media Player file download and execution

by Mario Miri on May 24th, 2003 Using special XMLNS (XML Name Space) tag embedded in HTML email message it is possible to the attacker to automatically cause Media Player to download and execute arbitrary files.


Vulnerable:
Microsoft Windows Media Player 7.0
Microsoft Windows Media Player 7.1


Solution:
Currently there are no vendor supplied patches. Version 9.0 of the software is not prone to this attack.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »