CVE-2004-1324
First published: Sat Dec 18 2004(Updated: )
The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Windows Media Player | =9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2004-1324?
CVE-2004-1324 is considered a moderate severity vulnerability.
How do I fix CVE-2004-1324?
To fix CVE-2004-1324, it is recommended to update Microsoft Windows Media Player to a later version that addresses this vulnerability.
Who is affected by CVE-2004-1324?
CVE-2004-1324 affects users of Microsoft Windows Media Player 9.0 who access music files using Internet Explorer.
What type of attack is associated with CVE-2004-1324?
CVE-2004-1324 allows remote attackers to execute arbitrary web script on a victim's computer.
Can CVE-2004-1324 be exploited remotely?
Yes, CVE-2004-1324 can be exploited remotely through specially crafted music files.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/microsoft
- canonical/windows media player
- version/windows media player/9