Executive Summary

Informations
Name MS02-032 First vendor Publication N/A
Vendor Microsoft Last vendor Modification N/A
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cumulative Patch for Windows Media Player (Q320920)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:281
 
Oval ID: oval:org.mitre.oval:def:281
Title: Cache Path Disclosure via Windows Media Player
Description: Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement stored in the IE cache, aka the "Cache Path Disclosure via Windows Media Player".
Family: windows Class: vulnerability
Reference(s): CVE-2002-0372
 Version: 5
Platform(s): Microsoft Windows XP
 Product(s): Windows Media Player for Windows XP
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 5
Application 2
Application 3

Open Source Vulnerability Database (OSVDB)

Id Description
13419 Microsoft Windows Media Player Active Playlist Arbitrary HTML Script Execution
5313 Microsoft Windows Media Device Manager Invalid Local Storage Device Privilege...
5312 Microsoft Windows Media Player .wma IE Cache Arbitrary Code Execution