CVE-2007-5095

Name: CVE-2007-5095
Creator: NVD / NIST
Published: 2007-09-26T22:17:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 15.17%

Last modified Jun 16, 2026

CVE-2007-5095 is a vulnerability of currently unknown severity. Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes Internet Explorer to render HTML documents contained inside some media files, regardless of what default web browser is configured, which might allow remote attackers to exploit vulnerabilities in software that the user does not expect to run, as demonstrated by the HTMLView parameter in an .asx file.. EPSS estimates a 15.17% chance of exploitation in the next 30 days.

Description

Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes Internet Explorer to render HTML documents contained inside some media files, regardless of what default web browser is configured, which might allow remote attackers to exploit vulnerabilities in software that the user does not expect to run, as demonstrated by the HTMLView parameter in an .asx file.

Metrics

EPSS Probability

15.17%

96.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Microsoft	Windows Media Player	9

References

Timeline

Published: Sep 26, 2007
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2007-5095?

How severe is CVE-2007-5095?

Severity scoring for CVE-2007-5095 is pending analysis. The EPSS model estimates a 15.17% probability of exploitation in the next 30 days.

How do I fix CVE-2007-5095?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-5095?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST