CVE-2010-2745

EPSS 24.2%

Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerability."

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/15242unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-082 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6653 http://www.securitytracker.com/id?1024550 http://www.us-cert.gov/cas/techalerts/TA10-285A.html