MS06-078 Bulletin Details
Bulletin ID MS06-078
Title Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)
Summary CVE-2006-4702:
A remote code execution vulnerability exists in Windows Media Format Runtime due to the way it handles Advanced Systems Format (ASF) files. An attacker could exploit the vulnerability by constructing specially crafted Windows Media Player content that could potentially allow remote code execution if a user visits a malicious Web site or opens an e-mail message with malicious content.

CVE-2006-6134
A remote code execution vulnerability exists in Windows Media Format Runtime due to the way it handles certain elements contained in Advanced Stream Redirector (ASX) files. An attacker could exploit the vulnerability by constructing a specially crafted ASX file that could allow remote code execution if a user visits a malicious Web site, where specially crafted ASX files are used to launch Windows Media player, or if a user clicks on a URL pointing to a specially crafted ASX file.
Knowledgebase 923689

List of Patches

S.No Patch Name Severity
1WindowsMedia6-KB925398-x86-ENU.exeCritical
2WindowsMedia6-KB925398-v2-x64-ENU.exeCritical

Disclaimer: This webpage is intended to provide you information about patch announcement for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors websites. You can get more information by clicking the links to visit the relevant pages on the vendors website.