Vulnerability Description
Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. NOTE: since the only known attack vector requires command line access, this may not be a vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Media Player | - |
References
- http://online.securityfocus.com/archive/1/285082
- http://www.iss.net/security_center/static/9727.php
- http://www.securityfocus.com/bid/5357Exploit
- http://online.securityfocus.com/archive/1/285082
- http://www.iss.net/security_center/static/9727.php
- http://www.securityfocus.com/bid/5357Exploit
FAQ
What is CVE-2002-1847?
CVE-2002-1847 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. NOTE: since ...
How severe is CVE-2002-1847?
CVE-2002-1847 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1847?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows Media Player.