Rapid7 Vulnerability & Exploit Database

MS03-017: Flaw in Windows Media Player Skins Downloading Could Allow Code Execution (817787)

Back to Search

MS03-017: Flaw in Windows Media Player Skins Downloading Could Allow Code Execution (817787)



Your system may require one or more security patches or hotfixes from Microsoft.

Microsoft Windows Media Player provides functionality to change the overall appearance of the player itself through the use of skins. Skins are custom overlays that consist of collections of one or more files of computer art, organized by an XML file. The XML file tells Windows Media Player how to use these files to display a skin as the user interface. In this manner, the user can choose from a variety of standard skins, each one providing an additional visual experience. Windows Media Player comes with several skins to choose from, but it is relatively easy to create and distribute custom skins. A flaw exists in the way Windows Media Player 7.1 and Windows Media Player for Windows XP handle the download of skin files. The flaw means that an attacker could force a file masquerading as a skin file into a known location on a userâs machine. This could allow an attacker to place and then launch a malicious executable on the system.


  • WINDOWS-HOTFIX-MS03-017-6ac4bc58-278d-4cc5-863d-320f0c315fd1
  • WINDOWS-HOTFIX-MS03-017-86827977-8e6d-4113-81a3-560beb26f213

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center