[VIM] Media .MID file DoS extra info

Steven M. Christey coley at linus.mitre.org
Fri Dec 15 16:26:06 EST 2006

ref: Windows Media MID File Denial Of Service Vulnerability

A .MID specification is here:


Looking at the header chunk, the following things are of note:

1) number of tracks is 0, but is expected to be 1 or more.

2) time division is zero, but is probably expected to be non-zero.
Suppositions regarding what bugs a "0" in a field called "division" might
trigger are welcome.

3) Only the header chunk is provided; given assumption of 1 or more
tracks, the "missing track" might also be an issue independent of the 0
value in item 1.

I don't know what is causing the issue, but the above items may be

- Steve

More information about the VIM mailing list