Microsoft Windows Media Player MIDI Code Execution (MS12-004; CVE-2012-0003)
| Check Point Reference: | CPAI-2012-014 | |
| Date Published: | ||
| Severity: | ||
| Source: | Microsoft Security Bulletin MS12-004 | |
| Industry Reference(s): | CVE-2012-0003 | |
| Protection Provided by: |
Security Gateway
|
|
|
Who is Vulnerable? Windows XP Service Pack 3 Windows XP Media Center Edition 2005 Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 with SP2 for Itanium-based Systems Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for Itanium-based Systems Service Pack 2 |
||
| Vulnerability Description A remote code execution vulnerability has been reported in Windows Media Player. |
||
|
Update/Patch Available Apply patches from: MS12-004 |
|
|
Vulnerability Details The vulnerability is due to an error in Windows Media Player while handling specially crafted MIDI files. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted MIDI file with an affected version of Media Player. Successful exploitation could allow an attacker to run arbitrary code in the context of the current user. |
Protection Overview
This protection will detect and block the transferring of malicious MIDI files.
In order for the protection to be activated, update your Security Gateway/VPN-1 product to the latest IPS/SmartDefense update. For information on how to update IPS/SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.