CVE-2007-3035

2007-08-1421:17:00

microsoft

web.nvd.nist.gov

cve-2007-3035

microsoft

windows media player

vulnerability

remote code execution

wmz

wmd

nvd

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.792

Percentile

98.3%

JSON

Unspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that is not properly handled during decompression, aka “Windows Media Player Code Execution Vulnerability Decompressing Skins.”

Affected configurations

Nvd

Node

microsoftwindows_media_playerMatch7.1

microsoftwindows_media_playerMatch9

microsoftwindows_media_playerMatch10

microsoftwindows_media_playerMatch11

VendorProductVersionCPE
microsoftwindows_media_player7.1cpe:2.3:a:microsoft:windows_media_player:7.1:*:*:*:*:*:*:*
microsoftwindows_media_player9cpe:2.3:a:microsoft:windows_media_player:9:*:*:*:*:*:*:*
microsoftwindows_media_player10cpe:2.3:a:microsoft:windows_media_player:10:*:*:*:*:*:*:*
microsoftwindows_media_player11cpe:2.3:a:microsoft:windows_media_player:11:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_media_player	7.1	cpe:2.3:a:microsoft:windows_media_player:7.1:::::::*
microsoft	windows_media_player	9	cpe:2.3:a:microsoft:windows_media_player:9:::::::*
microsoft	windows_media_player	10	cpe:2.3:a:microsoft:windows_media_player:10:::::::*
microsoft	windows_media_player	11	cpe:2.3:a:microsoft:windows_media_player:11:::::::*