CVE-2015-1728
Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability."
Date published : 2015-06-09
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-057