SAINT Corporation
ID: SAINT:A7E72B88E9F19539D46E469D136E39E0
Feb 06, 2012 - 12:00 a.m.

Windows Media MIDI Invalid Channel

2012-02-06 00:00:00
SAINT Corporation
download.saintcorporation.com

CVSS2: 9.3 High
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.973 High
Percentile: 99.9%

Added: 02/06/2012
CVE: CVE-2012-0003
BID: 51292
OSVDB: 78210

Background

Musical Instrument Digital Interface (MIDI) is an industry specification for encoding, storing, synchronizing, and transmitting the musical performance and control data of electronic musical instruments and other electronic equipment. Microsoft Windows supports the playback of MIDI files through the DirectShow and Windows Multimedia Libraries.

Problem

Microsoft DirectShow and the Windows Multimedia Library improperly validate the channel field in MIDI files, which leaves the libraries vulnerable to memory corruption. If an attacker successfully convinces a user to open a specially formatted MIDI file, the attacker could gain execution control of the user's system.

Resolution

Apply the KB specified for your system in Microsoft Security Bulletin MS12-004.

References

<http://technet.microsoft.com/en-us/security/bulletin/ms12-004>
<http://threatpost.com/en_us/blogs/attackers-targeting-windows-media-bug-malware-012712>

Limitations

This exploit has been tested against Microsoft Internet Explorer 8 with KB2618444 on Windows XP SP3 English (DEP OptIn) and Windows Vista SP2 (DEP OptIn), and Microsoft Internet Explorer 9 with KB2618444 on Windows Vista SP2 (DEP OptIn).

Platforms

Windows XP
Windows Vista
