CVSS2: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 0.29 Low
Percentile: 96.9%
A Microsoft Windows DirectX library, quartz.dll, does not properly validate certain parameters in Musical Instrument Digital Interface (MIDI) files. An attacker could exploit this vulnerability to execute arbitrary code or crash any application using the library, causing a denial of service.
Microsoft Windows operating systems include multimedia technologies called DirectX and DirectShow. From MS03-030:
DirectX consists of a set of low-level Application Programming Interfaces (APIs) that are used by Windows programs for multimedia support. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation, and rendering.
DirectShow support for MIDI files is implemented in a library called quartz.dll. This library does not adequately validate the Text or Copyright parameters in MIDI files. As a result, a specially crafted MIDI file could cause an integer overflow, leading to heap memory corruption. Further technical details are available in eEye Digital Security advisory AD20030723.
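The page says only that the Text or Copyright parameters are not adequately validated, so the following is an added example, not quartz.dll's code or eEye's analysis: a walker over the body of one MIDI track chunk that rejects any event whose declared length exceeds the bytes remaining, which is the kind of check the paragraph above describes as missing. It covers all meta and system-exclusive events rather than Text and Copyright alone; the function names and sample byte arrays are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Read a MIDI variable-length quantity (1-4 bytes). Returns bytes used, 0 on error. */
static size_t read_vlq(const uint8_t *p, size_t avail, uint32_t *out)
{
    uint32_t v = 0;
    for (size_t i = 0; i < avail && i < 4; i++) {
        v = (v << 7) | (p[i] & 0x7F);
        if (!(p[i] & 0x80)) { *out = v; return i + 1; }
    }
    return 0; /* truncated, or continuation bit still set after 4 bytes */
}

/* Walk one MTrk chunk body. Returns the count of Text (0x01) and Copyright
   (0x02) meta events, or -1 if any event is malformed or overruns the chunk. */
int check_track(const uint8_t *trk, size_t len)
{
    size_t pos = 0, n;
    uint32_t v = 0;
    int hits = 0, status = 0, type = 0;
    while (pos < len) {
        if (!(n = read_vlq(trk + pos, len - pos, &v))) return -1; /* delta time */
        if ((pos += n) >= len) return -1;
        if (trk[pos] & 0x80) status = trk[pos++];    /* otherwise running status */
        if (status < 0x80 || (status > 0xF0 && status < 0xFF && status != 0xF7)) return -1;
        if (status < 0xF0) {                          /* channel message */
            n = ((status & 0xE0) == 0xC0) ? 1 : 2;    /* 0xCn/0xDn carry one data byte */
            if (n > len - pos) return -1;
            pos += n;
            continue;
        }
        if (status == 0xFF && pos >= len) return -1;
        if (status == 0xFF) type = trk[pos++];        /* meta event type byte */
        if (!(n = read_vlq(trk + pos, len - pos, &v))) return -1; /* declared length */
        pos += n;
        /* Bound by subtraction; a sum such as v + header size can wrap in fixed-width types. */
        if (v > len - pos) return -1;
        if (status == 0xFF && (type == 0x01 || type == 0x02)) hits++;
        pos += v;
        status = 0;                                   /* meta and sysex cancel running status */
    }
    return hits;
}

/* Constructed samples: valid Copyright event; huge declared length; length one past the end. */
const uint8_t sample_ok[]    = {0x00,0xFF,0x02,0x02,'h','i', 0x00,0xFF,0x2F,0x00};
const uint8_t sample_bad[]   = {0x00,0xFF,0x02,0xFF,0xFF,0xFF,0x7F,'h','i'};
const uint8_t sample_short[] = {0x00,0xFF,0x01,0x03,'h','i'};
```

A caller would pass the bytes following each `MTrk` header and its 4-byte length, after checking that length against the file size in the same subtract-and-compare way.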
Any application that uses DirectX/DirectShow to process MIDI files could be affected by this vulnerability. Of particular concern, Internet Explorer (IE) loads the vulnerable library to process MIDI files embedded in HTML documents. An attacker could therefore exploit this vulnerability by convincing a victim to view an HTML document (web page, HTML email message) containing an embedded MIDI file. Note that a number of applications (Outlook, Outlook Express, Eudora, AOL, Lotus Notes, Adobe PhotoDeluxe, others) use the IE HTML rendering engine (WebBrowser ActiveX control) to interpret HTML documents.
A similar vulnerability in quartz.dll is documented in VU#265232.
By convincing a victim to access a specially crafted MIDI or HTML file, an attacker could execute arbitrary code with the privileges of the victim. The attacker could also cause a denial of service in any application that uses the vulnerable library.
Apply a patch or upgrade
Apply the appropriate patch as referenced in Microsoft Security Bulletin MS03-030. The updated library (quartz.dll) is included in DirectX 9.0b and Service Pack 4 for Windows 2000.
Modify IE settings
It is possible to significantly limit the ability of IE to automatically load MIDI files from HTML documents by making all of the following modifications:
* Disable Active scripting
* Disable Run ActiveX controls and plug-ins (stops <EMBED src=x.mid>)
* Disable Play sounds in web pages (stops <BGSOUND src=x.mid>)
* Disable Play videos in web pages (stops <IMG dynsrc=x.mid>)
Updated: July 25, 2003
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Please see Microsoft Security Bulletin MS03-030.
This vulnerability was reported by eEye Digital Security. Information from eEye Digital Security advisory AD20030723 and Microsoft Security Bulletin MS03-030 was used to write this document.
This document was written by Art Manion.
CVE IDs: CVE-2003-0346
CERT Advisory: CA-2003-18
Severity Metric: