Executive Summary

Informations
Name CVE-2007-3035 First vendor Publication 2007-08-14
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.6 Attack Range Network
Cvss Impact Score 10 Attack Complexity High
Cvss Expoit Score 4.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that is not properly handled during decompression, aka "Windows Media Player Code Execution Vulnerability Decompressing Skins."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3035

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:1352
 
Oval ID: oval:org.mitre.oval:def:1352
Title: Windows Media Player Code Execution Vulnerability Decompressing Skins
Description: Unspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that is not properly handled during decompression, aka "Windows Media Player Code Execution Vulnerability Decompressing Skins."
Family: windows Class: vulnerability
Reference(s): CVE-2007-3035
 Version: 1
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
 Product(s): Windows Media Player
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 4

OpenVAS Exploits

Date Description
2011-01-14 Name : Vulnerabilities in Windows Media Player Could Allow Remote Code Execution (93...
File : nvt/gb_ms07-047.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
36386 Microsoft Windows Media Player Skin File Handling Crafted Header Arbitrary Co...

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Media Player compressed skin download request
RuleID : 17546 - Revision : 10 - Type : FILE-IDENTIFY
2014-01-10 Microsoft Windows Media Player skin decompression code execution attempt
RuleID : 17228 - Revision : 5 - Type : OS-WINDOWS
2014-01-10 Microsoft Media Player compressed skin download request
RuleID : 12278 - Revision : 17 - Type : FILE-IDENTIFY

Nessus® Vulnerability Scanner

Date Description
2007-08-14 Name : Arbitrary code can be executed on the remote host through Windows Media Player.
File : smb_nt_ms07-047.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://secunia.com/advisories/26433
http://securitytracker.com/id?1018565
http://www.securityfocus.com/archive/1/476548/100/0/threaded
http://www.securityfocus.com/bid/25305
http://www.us-cert.gov/cas/techalerts/TA07-226A.html
http://www.vupen.com/english/advisories/2007/2871
http://www.zerodayinitiative.com/advisories/ZDI-07-047.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07...
https://exchange.xforce.ibmcloud.com/vulnerabilities/35895
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
Date Informations
2024-11-28 23:16:34
  • Multiple Updates
2024-11-28 12:12:33
  • Multiple Updates
2021-05-04 12:05:53
  • Multiple Updates
2021-04-22 01:06:25
  • Multiple Updates
2020-05-23 00:19:53
  • Multiple Updates
2018-10-16 21:19:59
  • Multiple Updates
2018-10-13 00:22:37
  • Multiple Updates
2017-10-11 09:23:59
  • Multiple Updates
2017-07-29 12:02:17
  • Multiple Updates
2016-04-26 16:12:51
  • Multiple Updates
2014-02-17 10:40:26
  • Multiple Updates
2014-01-19 21:24:12
  • Multiple Updates
2013-05-11 10:27:30
  • Multiple Updates