CVE-2006-6602 - Publish Date: 12/15/2006
explorer.exe in Windows Explorer 6.00.2900.2180 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service via a crafted WMV file.
CVE-2006-6601 - Publish Date: 12/15/2006
Windows Media Player 10.00.00.4036 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service via a MID file with a malformed header chunk without any track chunks, possibly involving (1) number of tracks of (2) time division fields that are set to 0.
Credit to SehaTo for both.
You might remember him from the Windows Media ASX DoS Exploit.
PoC Exploits for Both = http://www.security.nnov.ru/Gnews936.html
No comments:
Post a Comment