Windows Media Player Vulnerabilities

When researching this post, I was quite surprised when comparing it to the results of my previous post on QuickTime. I was expecting at least as many vulnerabilities in WMP, but (artificially limiting my view to 2006 as I did for QuickTime) there were only 3, with MS06-05, MS06-06, and MS06-24 being the vuln notes. Even trying to see if maybe there were previous vulnerability gluts which are just now out of the way shows that this is not really the case. 2002 was "the worst of it" with 8 problems. So putting aside the various explanations I might speculate on this disparity *cough*appledoesntusefuzzersontheirowncodebutMSdoes*cough*, I'd like to once again drive home the point: When you are using your browser you are relying directly on a number of plugins and libraries each of which can have vulnerabilities (not to mention the interactions of which can have more complex vulnerabilities!)

CVEs for the 2006 Windows Media Player vulnerabilities:
MS06-24 - CVE-2006-0025
MS06-06 - CVE-2006-0006
MS06-05 - CVE-2006-0005

P.s. I can't get enough of MS's "An attacker would have no way to force users to visit a malicious Web site." mitigating factor ;)

Update - 12/27/06: Some new vulnerabilities I just through I would add in here:
MS06-78 - CVE-2006-4702, CVE-2006-6134 (discussed more at the Dec 2006 patch Tuesday post here)