Intrusion Prevention



This indicates an attack attempt to exploit a heap overflow vulnerability in Microsoft Media Player.
The vulnerability is caused by an error when the vulnerable software parses a malformed skin file. It may allow a remote attacker to execute arbitrary code via a crafted .WMZ file whose compressed size and uncompressed size are mismatched.

Affected Products

Windows Media Player 7.1
Windows Media Player 9
Windows Media Player 10
Windows Media Player 11


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the website:

CVE References

CVE-2007-3035 CVE-2007-3037