There is a buffer overflow in the parsing of Active Stream Redirector (.ASX) files. This buffer overflow may allow a remote attacker to execute arbitrary code when a user views a malicious web page.
There is a buffer overflow in the processing of Active Stream Redirector (.ASX) files in Windows Media Player version 6.4 and 7. An Active Stream Redirector is a file type used by Windows Media Player to determine where a media stream can be found on the Internet, and how to play it.
A newer variant of this vulnerability is described in VU#187528 and MS01-029.
An attacker may be able to execute arbitrary code on vulnerable systems when the user visits a web page.
Apply a Patch
Thanks to Ollie Whitehouse of @Stake for discovering this vulnerability.
This document was written by Cory F. Cohen.
|Date First Published:||2002-09-27|
|Date Last Updated:||2002-09-27 17:47 UTC|