exploitDog

CVE-2004-1325

Опубликовано: 18 дек. 2004

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system.

Ссылки

http://marc.info/?l=bugtraq&m=110352518211306&w=2
http://www.securityfocus.com/bid/12032
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18587
http://marc.info/?l=bugtraq&m=110352518211306&w=2
http://www.securityfocus.com/bid/12032
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18587

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:windows_media_player:9:*:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.44547

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-vmqr-c49v-3hhp

github

больше 3 лет назад

The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system.

EPSS

Процентиль: 97%

0.44547

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other