1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Midi CVE-2012-0003 2

Web Attack: Midi CVE-2012-0003 2

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects a remote buffer overflow vulnerability in Windows Media Player.

Additional Information

Microsoft Windows Media Player is a multimedia application available for the Windows operating system.

The Microsoft Windows Media Player is prone to a remote code-execution vulnerability when handling specially crafted media content. Specifically, the issue affects the windows multimedia library ('winmm.dll') when parsing a specially-crafted 'MTrk' chunk of a MIDI file.

An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage.

Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application which can compromise the application and possibly the computer.


  • Various Windows platforms


The vendor released an advisory and updates to address this issue. Please see the references for more information.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube