CVE-2012-0003
Last modified
CVE-2012-0003 is a high-severity vulnerability rated 8.1/10 on the CVSS scale. Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote Code Execution Vulnerability.". EPSS estimates a 69.50% chance of exploitation in the next 30 days.
Description
Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote Code Execution Vulnerability."
Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Microsoft | Windows 7 | All versions | — |
| Microsoft | Windows Server 2003 | All versions | Sp2 |
| Microsoft | Windows Server 2008 | All versions | Sp2 |
| Microsoft | Windows Server 2008 | r2 | — |
| Microsoft | Windows Vista | All versions | Sp2 |
| Microsoft | Windows Xp | All versions | Sp2 |
| Microsoft | Windows Xp | 2005 | Sp3 |
References
- http://www.us-cert.gov/cas/techalerts/TA12-010A.htmlUS Government Resource
- http://www.us-cert.gov/cas/techalerts/TA12-010A.htmlUS Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2012-0003?
How severe is CVE-2012-0003?
How do I fix CVE-2012-0003?
Are you affected by CVE-2012-0003?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST