Vulnerability Description
The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Media Player | 9 |
References
- http://marc.info/?l=bugtraq&m=110352518211306&w=2
- http://www.securityfocus.com/bid/12031ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18576
- http://marc.info/?l=bugtraq&m=110352518211306&w=2
- http://www.securityfocus.com/bid/12031ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18576
FAQ
What is CVE-2004-1324?
CVE-2004-1324 is a vulnerability with a CVSS score of 2.6 (LOW). The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if t...
How severe is CVE-2004-1324?
CVE-2004-1324 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1324?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows Media Player.