A windows media player bug was found that could be exploited remotely via a specially crafted SND, MIDI or WAV file to trigger an integer overflow. While Microsoft tries to downplay the severity of the bug, a report along with proof of concept code that would supposedly allow remote code execution on vulnerable systems was released.
According to Microsoft, the flaw is a “reliability issue with no security risk to customers” which had already been identified during routine code maintenance and addressed in the Windows Server 2003 SP2.
