| Patch Name : |
WindowsMedia6-KB925398-v2-x64-ENU.exe |
| Patch Description : |
Security Update for Windows Media Player 6.4 (KB925398) |
| Bulletin Id : |
MS06-078 |
| Bulletin Title : |
Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689) |
| KnowledgeBase : | 925398 |
| Severity : |
Critical |
| Location Path : | WindowsMedia6-KB925398-v2-x64-ENU.exe |
| Bulletin Summary: |
CVE-2006-4702:
A remote code execution vulnerability exists in Windows Media Format Runtime due to the way it handles Advanced Systems Format (ASF) files. An attacker could exploit the vulnerability by constructing specially crafted Windows Media Player content that could potentially allow remote code execution if a user visits a malicious Web site or opens an e-mail message with malicious content.
CVE-2006-6134
A remote code execution vulnerability exists in Windows Media Format Runtime due to the way it handles certain elements contained in Advanced Stream Redirector (ASX) files. An attacker could exploit the vulnerability by constructing a specially crafted ASX file that could allow remote code execution if a user visits a malicious Web site, where specially crafted ASX files are used to launch Windows Media player, or if a user clicks on a URL pointing to a specially crafted ASX file. |
| Superceding Bulletin Id : |
None |
| Patch Release Date : |
Dec 12, 2006 |
| CVE Id : | CVE-2006-6134 |
| Affected Product Information |
|
| Product Name |
Service Pack Name |
| Windows XP Professional x64 Edition | Windows XP x64 Edition Service Pack 2 |
| Windows Server 2003, Standard x64 Edition | Windows Server 2003 x64 Edition Service Pack 2 |
| Windows Server 2003, Enterprise x64 Edition | Windows Server 2003 x64 Edition Service Pack 2 |
|
| File changes |
|
| File Path |
Version |
| No records found | | |
| Registry changes |
|
| Registry Path |
Key Name |
Key Value |
| $x64$HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player 6.4\SP0\KB925398_WMP64 | | -2 |
|
