CVE-2007-5095

CVE Database · CVE-2007-5095

CVE-2007-5095

· N/AModified

CVSS v3.1

N/A

EPSS

15.17%

Published

Sep 26, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes Internet Explorer to render HTML documents contained inside some media files, regardless of what default web browser is configured, which might allow remote attackers to exploit vulnerabilities in software that the user does not expect to run, as demonstrated by the HTMLView parameter in an .asx file.

Weaknesses (CWE)

CWE-20

Affected Products (2)

microsoft · windows_xp

microsoft · windows_media_playervulnerable

References (12)

http://osvdb.org/41093

http://www.gnucitizen.org/blog/backdooring-windows-media-files

http://www.securityfocus.com/archive/1/479825/100/100/threaded

http://www.securityfocus.com/archive/1/479854/100/100/threaded

http://www.securityfocus.com/archive/1/479855/100/100/threaded

http://www.securityfocus.com/archive/1/479856/100/100/threaded

http://osvdb.org/41093

http://www.gnucitizen.org/blog/backdooring-windows-media-files

http://www.securityfocus.com/archive/1/479825/100/100/threaded

http://www.securityfocus.com/archive/1/479854/100/100/threaded

http://www.securityfocus.com/archive/1/479855/100/100/threaded

KEV Catalog EPSS Scores Vendors All CVEs