=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2007/VULN357
_____________________________________________________________________

DATE                      : 16/08/2007

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows Media Player

======================================================================


MS07-047 - Vulnerabilities in Windows Media Player Could Allow Remote
Code Execution (936782)

Original Bulletin:
  http://www.microsoft.com/technet/security/bulletin/ms07-047.mspx

Affected Software:

   Windows Media Player 7.1
   Windows Media Player 9
   Windows Media Player 10
   Windows Media Player 11

Vulnerability Details:

Windows Media Player Code Execution Vulnerability Parsing Skins -
CVE-2007-3037

   A code execution vulnerability exists in Windows Media Player skin
   parsing. An attacker who successfully exploited this vulnerability
   could take complete control of an affected system.

Windows Media Player Code Execution Vulnerability Decompressing Skins -
CVE-2007-3035

A remote code execution vulnerability exists in Windows Media Player an
attacker who successfully exploited this vulnerability could take
complete control of an affected system.


======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================