Reported May 23, 2001, by Microsoft.
Microsoft Windows Media Player 6.4 and 7.0 for Windows 2000, Windows NT, Windows Me, and Windows 9x
An unchecked buffer vulnerability exists in how Windows Media Player processes Active Stream Redirector (.asx) files that can result in a buffer overflow. An attacker can use the vulnerability to run code on the vulnerable computer under the user's security context.
The vendor, Microsoft, has acknowledged this vulnerability and recommends that users of Windows Media Player 6.4 immediately apply the patch contained in Security Bulletin MS01-029. For users of version 7.0, Microsoft recommends an upgrade to version 7.1.
Discovered by Microsoft.