CVE-2002-0372

CVE Database · CVE-2002-0372

CVE-2002-0372

· N/AModified

CVSS v3.1

N/A

EPSS

14.42%

Published

Jul 3, 2002

Modified

Apr 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement stored in the IE cache, aka the "Cache Path Disclosure via Windows Media Player".

Affected Products (3)

microsoft · windows_media_playervulnerable

References (8)

http://www.iss.net/security_center/static/9420.php

http://www.securityfocus.com/bid/5107

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-032

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A281

http://www.iss.net/security_center/static/9420.php

http://www.securityfocus.com/bid/5107

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-032

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A281

KEV Catalog EPSS Scores Vendors All CVEs