CVE-2007-3037

CVE Database · CVE-2007-3037

CVE-2007-3037

· N/AModified

CVSS v3.1

N/A

EPSS

21.82%

Published

Aug 14, 2007

Modified

Apr 22, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that causes a size mismatch between compressed and decompressed data and triggers a heap-based buffer overflow, aka "Windows Media Player Code Execution Vulnerability Parsing Skins."

Weaknesses (CWE)

CWE-94CWE-119

Affected Products (4)

microsoft · windows_media_playervulnerable

References (20)

http://secunia.com/advisories/26433

Vendor Advisory

http://securitytracker.com/id?1018565

http://www.osvdb.org/36385

http://www.securityfocus.com/archive/1/476533/100/0/threaded

http://www.securityfocus.com/bid/25307

http://www.us-cert.gov/cas/techalerts/TA07-226A.html