Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.
Metrics
Affected Vendors & Products
References
History
Wed, 09 Jul 2025 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Microsoft
Microsoft windows 10 1809 Microsoft windows 10 21h2 Microsoft windows 10 22h2 Microsoft windows 11 22h2 Microsoft windows 11 23h2 Microsoft windows 11 24h2 Microsoft windows Server 2019 Microsoft windows Server 2022 Microsoft windows Server 2022 23h2 Microsoft windows Server 2025 |
|
CPEs | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Microsoft
Microsoft windows 10 1809 Microsoft windows 10 21h2 Microsoft windows 10 22h2 Microsoft windows 11 22h2 Microsoft windows 11 23h2 Microsoft windows 11 24h2 Microsoft windows Server 2019 Microsoft windows Server 2022 Microsoft windows Server 2022 23h2 Microsoft windows Server 2025 |
Wed, 28 May 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
Thu, 22 May 2025 03:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
Wed, 09 Apr 2025 02:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Tue, 08 Apr 2025 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 08 Apr 2025 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally. | |
Title | Windows Media Remote Code Execution Vulnerability | |
Weaknesses | CWE-122 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: microsoft
Published: 2025-04-08T17:23:07.837Z
Updated: 2025-06-04T17:52:21.460Z
Reserved: 2025-02-12T22:35:41.548Z
Link: CVE-2025-26666

Updated: 2025-04-08T20:06:21.916Z

Status : Analyzed
Published: 2025-04-08T18:15:49.833
Modified: 2025-07-09T16:38:18.770
Link: CVE-2025-26666
