Vulnerability Details CVE-2015-1728
Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.261
EPSS Ranking 95.9%
CVSS Severity
CVSS v2 Score 9.3
References
- http://www.securitytracker.com/id/1032522
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-057
- https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1200
- http://www.securitytracker.com/id/1032522
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-057
- https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1200
Products affected by CVE-2015-1728
-
cpe:2.3:a:microsoft:windows_media_player:10
-
cpe:2.3:a:microsoft:windows_media_player:10.00.00.3646
-
cpe:2.3:a:microsoft:windows_media_player:10.00.00.3990
-
cpe:2.3:a:microsoft:windows_media_player:10.00.00.4019
-
cpe:2.3:a:microsoft:windows_media_player:10.00.00.4036
-
cpe:2.3:a:microsoft:windows_media_player:11
-
cpe:2.3:a:microsoft:windows_media_player:11.0.5721.5145
-
cpe:2.3:a:microsoft:windows_media_player:11.0.5721.5230
-
cpe:2.3:a:microsoft:windows_media_player:11.0.6000.6324
-
cpe:2.3:a:microsoft:windows_media_player:12