1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Windows Media Player ASF BO

HTTP Windows Media Player ASF BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects a maliciously crafted ASF file attempting to exploit a vulnerability that may allow Remote Code Execution when the file is processed by Windows Media Player.

Additional Information

A vulnerability exists in Windows Media Player 6.4 which could lead to file data being written past the end of a heap buffer, leading to arbitrary code execution, while parsing ASF files. WMA and WMV are examples of ASF files. This vulnerability can be triggered when browsing to a folder containing a malformed ASF file using Windows Explorer.

Affected

  • Windows Media Player 6.4
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube