Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-0003

12 documents9 sources

Severity

8.1HIGH

EPSS

88.0%

top 0.52%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Windows Server 2008 Microsoft Windows XP

Timeline

PublishedJan 10

Latest updateMay 4

Description

Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote Code Execution Vulnerability."

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages2 packages

▶NVDmicrosoft/windowsr2

▶NVDmicrosoft/windows_xp2005

🔴Vulnerability Details

GHSA

GHSA-6mjj-vx26-x966: Unspecified vulnerability in winmm↗2022-05-04

▶

CVEList

CVE-2012-0003: Unspecified vulnerability in winmm↗2012-01-10

▶

VulnCheck

Windows Media Player (WMP) MIDI Remote Code Execution Vulnerability↗2012

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004) (Metasploit)↗2012-01-28

▶

🔍Detection Rules

Suricata

ET WEB_CLIENT Likely MS12-004 midiOutPlayNextPolyEvent Heap Overflow Midi Filename Requested baby.mid↗2012-02-07

▶

Suricata

ET WEB_CLIENT Microsoft Windows Media component specific exploit↗2012-01-28

▶

📋Vendor Advisories

Red Hat

condor: privilege escalation via jobs submitted to the standard universe (CONDOR-2012-0003)↗2012-10-22

▶

🕵️Threat Intelligence

Talos

MIDI Karaoke Background or Malware Vector?↗2012-03-20

▶

Talos

MIDI Karaoke Background or Malware Vector?↗2012-03-20

▶

💬Community

Bugzilla

CVE-2012-5390 condor: privilege escalation via jobs submitted to the standard universe (CONDOR-2012-0003)↗2013-01-11

▶