MS12-004: Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)
10 JAN 2012
Internet Security Systems Guidance
Two privately reported vulnerabilities that could be exploited for remote code execution were fixed in this update. One of these vulnerabilities is in how the Windows multimedia library handles specially crafted MIDI files. The other vulnerability is in how DirectShow handles specially crafted embedded subtitles.
X-Force Database: http://xforce.iss.net/xforce/xfdb/71992
X-Force Database: http://xforce.iss.net/xforce/xfdb/71994
X-Force Database: http://xforce.iss.net/xforce/xfdb/71993