PT-2012-2229 · Microsoft · Windows Media Player+5

Published

2012-01-10

Updated

2024-10-17

CVE-2012-0003

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Windows Media Player versions in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2

Description A remote code execution issue exists in Windows Media Player, allowing attackers to execute arbitrary code via a crafted MIDI file. This could enable an attacker to take complete control of an affected system.

Recommendations For Windows Media Player in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2, consider disabling the playback of MIDI files in Windows Media Player until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2012-0003

Affected Products

Server 2003

Server 2008

Vista

Windows

Windows Media Player

Windows Xp

PT-2012-2229 · Microsoft · Windows Media Player+5

CVE-2012-0003

Related Identifiers

Affected Products

References · 12