Arbitrary File Access and Execution Vulnerability in Windows Media Player

Arbitrary File Access and Execution Vulnerability in Windows Media Player

CVE-2003-0604 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL.

Learn more about our Web Application Penetration Testing UK.