{"vuid":"VU#259890","idnumber":"259890","name":"Windows Media Player does not properly handle PNG images with excessive width or height values","keywords":["Windows Media Player","LibPNG","height","width","integer overflow"],"overview":"Microsoft Windows Media Player fails to properly handle PNG images containing unexpected information. Remote attackers may be able to craft a malicious PNG image that would cause Media Player to execute arbitrary code.","clean_desc":"Microsoft Windows Media Player (WMP) is an application that ships with Microsoft Windows systems. It is used to play various types of media files. WMP will recognize embedded URLs in media files and launch the site specified. According to MS05-009: A remote code execution vulnerability exists in Windows Media Player because it does not properly handle PNG files with excessive width or height values. An attacker could try to exploit the vulnerability by constructing a malicious PNG that could potentially allow remote code execution if a user visited a malicious Web site or clicked a link in a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. Please refer to Microsoft Security Bulletin MS05-009 for more information regarding this vulnerability and its remediation. In addition, Note that this vulnerability is related to the issues described in VU#817368 or VU#388984.","impact":"If a remote attacker can persuade a user to access a malicious PNG file with Windows Media Player, that attacker may be able to execute arbitrary code.","resolution":"Apply Patch Microsoft has released Microsoft Security Bulletin MS05-009 to address this issue.","workarounds":"Do Not Follow Unsolicited Links In order to convince users to visit their sites, attackers often use URL encoding, IP address variations, long URLs, intentional misspellings, and other techniques to create misleading links. Do not click on unsolicited links received in email, instant messages, web forums, or internet relay chat (IRC) channels. Type URLs directly into the browser to avoid these misleading links. While these are generally good security practices, following these behaviors will not prevent exploitation of this vulnerability in all cases.","sysaffected":"","thanks":"This vulnerability was reported in Microsoft Security Bulletin \nMS05-009","author":"This document was written by Jeff Gennari based on information provided in Microsoft Security Bulletin MS05-009.","public":["h","t","t","p",":","/","/","w","w","w",".","m","i","c","r","o","s","o","f","t",".","c","o","m","/","t","e","c","h","n","e","t","/","s","e","c","u","r","i","t","y","/","B","u","l","l","e","t","i","n","/","M","S","0","5","-","0","0","9",".","m","s","p","x"],"cveids":["CVE-2004-1244"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2005-02-08T18:51:05Z","publicdate":"2005-02-08T00:00:00Z","datefirstpublished":"2005-02-08T22:31:37Z","dateupdated":"2005-02-09T18:50:02Z","revision":34,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"13","cam_impact":"15","cam_easeofexploitation":"13","cam_attackeraccessrequired":"10","cam_scorecurrent":"8.555625","cam_scorecurrentwidelyknown":"10.9321875","cam_scorecurrentwidelyknownexploited":"20.4384375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":8.555625,"vulnote":null}