WMP9 Flaw May Allow Media Library Access

By TS | Thomas
Jun 27, 2003
  1. An ActiveX control included with Windows Media Player 9 Series allows Web page authors to create Web pages that can play media & provide a user interface by which the user can control playback. When a user visits a Web page with embedded media, the ActiveX control provides a user interface that allows the user to take such actions as pausing or rewinding the media.

    A flaw exists in the way in which the ActiveX control provides access to information on the user’s computer. A vulnerability exists because an attacker could invoke the ActiveX control from script code, which would allow the attacker to view & manipulate metadata contained in the media library on the user’s computer.

    Affected Software:
    Microsoft Windows Media Player 9 Series

    Patch availability
Topic Status:
Not open for further replies.

Similar Topics

Create an account or login to comment

You need to be a member in order to leave a comment
TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...

Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.