URL Command Bypass Vulnerability in Microsoft Windows Media Player

URL Command Bypass Vulnerability in Microsoft Windows Media Player

CVE-2003-1107 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, 7.1, and 9 may run certain URL commands from a security zone that is less trusted than the current zone, which allows attackers to bypass intended access restrictions.

Learn more about our Web Application Penetration Testing UK.