CVE-2006-4702

medium Microsoft
CVSS v3 Base Score
6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS Score
55.7%
Exploitation probability in 30 days
Top 2% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
P
Integrity
P
Availability
P
Published: December 13, 2006 (7092 days ago)
Last Modified: April 23, 2026
Vendor: Microsoft
Source: NVD

Description

Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.

CWE

NVD-CWE-Other

Affected Products

microsoft windows media playermicrosoft windows 2003 servermicrosoft windows xp

References

🔗 securitytracker.com 🔗 support.avaya.com 🔗 www.securityfocus.com 🔗 www.securityfocus.com 🔗 www.us-cert.gov