Intrusion Prevention

MS.Windows.Media.Player.BMP.Remote.Buffer.Overflow

Description

This indicates a possible attempt to exploit a heap overflow vulnerability in Microsoft Windows Media Player 7.1.
The vulnerability can be exploited with a malicious bitmap (BMP) file whose "size" field is set to zero but which still contains additional data. A successful exploit can lead to the execution of arbitrary code.
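
A defender-side file check for the condition described above, as an added example that is not part of the original advisory or of the vendor's signature. It assumes the "size" field is the 4-byte little-endian file-size field at offset 2 of the 14-byte BMP file header; the helper names and the sample inputs are constructed for illustration.

```python
import struct

# BMP file header layout: magic, file size, reserved1, reserved2, pixel-data offset.
# Assumption: the advisory's "size" field is the file-size field at offset 2.
BMP_FILE_HEADER = struct.Struct("<2sIHHI")  # 14 bytes, little-endian


def check_bmp_size_field(data: bytes) -> str:
    """Return 'not-bmp', 'truncated', 'suspicious', 'mismatch' or 'ok'."""
    if data[:2] != b"BM":
        return "not-bmp"
    if len(data) < BMP_FILE_HEADER.size:
        return "truncated"
    _magic, declared_size, _r1, _r2, _offset = BMP_FILE_HEADER.unpack_from(data)
    trailing = len(data) - BMP_FILE_HEADER.size
    # Condition from the description: size declared as zero, yet data follows.
    if declared_size == 0 and trailing > 0:
        return "suspicious"
    # Any other disagreement between declared and actual length is worth logging.
    if declared_size != len(data):
        return "mismatch"
    return "ok"


def make_bmp(declared_size, body: bytes) -> bytes:
    """Build a constructed sample: file header followed by filler bytes."""
    header_len = BMP_FILE_HEADER.size
    if declared_size is None:  # None means "declare the true length"
        declared_size = header_len + len(body)
    return BMP_FILE_HEADER.pack(b"BM", declared_size, 0, 0, header_len) + body


if __name__ == "__main__":
    filler = b"\x00" * 40  # constructed filler, not a real image body
    samples = {
        "consistent.bmp": make_bmp(None, filler),
        "zero-size.bmp": make_bmp(0, filler),
        "wrong-size.bmp": make_bmp(100, filler),
        "not-a-bitmap": b"GIF89a" + filler,
    }
    for name, blob in samples.items():
        print(f"{name}: {check_bmp_size_field(blob)}")
```

A "suspicious" result on media received from an untrusted source is a reason to quarantine the file and confirm that the host has the update installed.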

Affected Products

Microsoft Windows Media Player 7.1 on Windows 2000 SP4
Media Player 9 on Windows 2000 SP4 and XP SP1
Media Player 10 on XP SP1 and SP2

Impact

System Compromise: Remote code execution.

Recommended Actions

Microsoft has released a security update for this vulnerability. Apply MS06-005.

CVE References

CVE-2006-0006