MS12-004: Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)

Issued: 10 JAN 2012

Internet Security Systems Guidance

Two privately reported vulnerabilities that could be exploited for remote code execution were fixed in this update. One of these vulnerabilities is in how the Windows multimedia library handles specially crafted MIDI files. The other vulnerability is in how DirectShow handles specially crafted embedded subtitles.

Coverage Related CVEs Coverage Date Exploit Dates Content Update Versions
MIDI_Invalid_Channel CVE-2012-0003
13 SEP 2011 (P) N/A
(F) 28 JAN 2012
(H) N/A
IBM Security Host Protection for Servers (Unix) 2.2.2
IBM Security Host Protection for Servers (Windows) 2.1.14.2680
Proventia Network IDS XPU 31.090
Proventia Network IPS XPU 31.090
Proventia Network MFS XPU 31.090
Proventia Server IPS for Linux technology 31.090
Proventia-G 1.1 and earlier XPU 31.090
RealSecure Network XPU 31.090
RealSecure Server Sensor XPU 31.090
Virtual Server Protection for Vmware XPU 31.090
win-ms12kb2636391-update CVE-2012-0003
CVE-2012-0004
10 JAN 2012 N/A Enterprise Scanner 1.89
Internet Scanner software 7.2 XPU 7.2.103

References

Microsoft: http://www.microsoft.com/technet/security/bulletin/ms12-004.mspx
X-Force Database: http://xforce.iss.net/xforce/xfdb/71992
X-Force Database: http://xforce.iss.net/xforce/xfdb/71994
X-Force Database: http://xforce.iss.net/xforce/xfdb/71993