8.1
CVSSv3

CVE-2012-0003

Published: 10/01/2012 Updated: 21/11/2024

Vulnerability Summary

Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote malicious users to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote Code Execution Vulnerability."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 7 -

microsoft windows server 2003

microsoft windows server 2008

microsoft windows server 2008 -

microsoft windows server 2008 r2

microsoft windows vista

microsoft windows xp

microsoft windows xp 2005

Exploits

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking inclu ...
This Metasploit module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmmdll) The vulnerability occurs when parsing specially crafted MIDI files Remote code execution can be achieved by using Windows Media Player's ActiveX control Exploitation is done by supplying a specially crafted MIDI file with specific events, ...

Recent Articles

SecTor – Security Education Conference 2012, Toronto / CA
Securelist • Stefan Ortloff • 03 Oct 2012

I’m sending greetings from Canada, where I’m attending the 6th annual SecTor Security Education Conference in the very impressive city of Toronto. With almost 70 talks and nearly 50 exhibitors there are a lot of opportunities to learn about new techniques and meet interesting people from all over the world. In addition there is a “LockPick Village”, a robotics-showcase and a capture the flag competition located in the expo area. Last but not least, Kaspersky Lab is exhibiting in the expo...

CVE-2012-0003 Exploit ITW
Securelist • Kurt Baumgartner • 27 Jan 2012

S. Korean handlers are slow to take down the publicly distributed malicious code exploiting CVE-2012-0003, a vulnerability patched in Microsoft’s January 2012 patch release MS12-004. We have discussed with reporters that the code has been available since the 21st, and a site appears to have been publicly attacking very low numbers of Korean users over the past day or so. The site remains up at this time. The exploit itself appears to be reliable and easy to replicate, so we expect to see this ...