Windows Media Player PNG buffer overflow

Added: 06/16/2006
CVE: CVE-2006-0025
BID: 18385
OSVDB: 26430

Background

Windows Media Player is an audio and video media player for Windows platforms.

Problem

A buffer overflow in Windows Media Player allows command execution when a user opens a specially crafted PNG image file.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 06-024.

References

http://www.kb.cert.org/vuls/id/608020
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=406

Limitations

Successful exploitation requires a user to download a PNG file and open it in Windows Media Player.

Execution of this exploit requires the Digest::CRC PERL module. On Linux systems this is typically found in a package named such as libdigest-crc-perl or perl-Digest-CRC.

Platforms

Windows 2000

Back to exploit index