CVE-2006-4702

Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.

Published: Dec 13, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-4702
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_media_player	6.4	6.4.x
microsoft / windows_2003_server	sp1	sp1.x
microsoft / windows_2003_server	gold	gold.x
microsoft / windows_xp	-	-

http://securitytracker.com/id?1017372
http://support.avaya.com/elmodocs2/security/ASA-2006-274.htm
http://www.securityfocus.com/archive/1/454969/100/200/threaded
http://www.securityfocus.com/bid/21505
http://www.us-cert.gov/cas/techalerts/TA06-346A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-078
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A536

Vulnerability Database

289,697

CVE-2006-4702