CVE-2012-0003

HIGH EXPLOITED

Microsoft Windows 7 - Remote Code Execution

Title source: rule

Description

Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote Code Execution Vulnerability."

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/18426

View Code ZIP pw:eip

nomisec NO CODE 2 stars

by k0keoyo · poc

https://github.com/k0keoyo/CVE-2012-0003_eXP

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Shane Garrett, juan vazquez, sinn3r · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ms12_004_midi.rb

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/51292

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA12-010A.html

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-004

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14337

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1026492

[Third Party Advisory] http://secunia.com/advisories/47485

Scores

CVSS v3 8.1

EPSS 0.8801

EPSS Percentile 99.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2012-01-26

Status published

Products (7)

microsoft/windows_7 (3 CPE variants)

microsoft/windows_server_2003

microsoft/windows_server_2008 (3 CPE variants)

microsoft/windows_server_2008 r2 (2 CPE variants)

microsoft/windows_vista

microsoft/windows_xp (2 CPE variants)

microsoft/windows_xp 2005 sp3

Published Jan 10, 2012

Tracked Since Feb 18, 2026