First published: Fri Jul 23 2004(Updated: )
The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the local computer zone via an ASX filename that contains javascript, which is executed in the local context in a preview panel.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 2000 | ||
Microsoft Windows 2000 | =sp4 | |
Microsoft Windows 2000 | =sp2 | |
Microsoft Windows 2000 | =sp1 | |
Microsoft Windows 2000 | =sp3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2004-0726 has been classified as a moderate severity vulnerability due to the potential for remote script execution.
To mitigate CVE-2004-0726, ensure that Windows Media Player is updated to the latest version available for Windows 2000.
CVE-2004-0726 affects all versions of Microsoft Windows 2000, including Service Packs 1 through 4.
CVE-2004-0726 allows remote attackers to execute arbitrary JavaScript code in the local context of a user’s computer.
Yes, CVE-2004-0726 specifically targets the Windows Media Player control within Microsoft Windows 2000.