1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Midi CVE-2012-0003 2

Web Attack: Midi CVE-2012-0003 2

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects a remote buffer overflow vulnerability in Windows Media Player.

Additional Information

Microsoft Windows Media Player is a multimedia application available for the Windows operating system.

The Microsoft Windows Media Player is prone to a remote code-execution vulnerability when handling specially crafted media content. Specifically, the issue affects the windows multimedia library ('winmm.dll') when parsing a specially-crafted 'MTrk' chunk of a MIDI file.

An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage.

Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application which can compromise the application and possibly the computer.

Affected

  • Various Windows platforms

Response

The vendor released an advisory and updates to address this issue. Please see the references for more information.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube