Alias(es)IE.XP.WMF.Code.Execution.B |
Release DateSep 11, 2006 |
Severityhigh |
ImpactSystem compromise: remote code execution. |
DescriptionThis indicates a possible exploit of a vulnerability in Microsoft Windows which may allow remote attackers to execute arbitrary commands.This vulnerability is due to an error in the rendering of Windows Metafile (WMF) image formats. It can be exploited to remotely take complete control of an affected system by convincing a user to open a malicious WMF file using a vulnerable application. |
Affected ProductsMicrosoft Windows XP Service Pack 2 and earlier versions.Microsoft Windows Server 2003 Service Pack 1 and earlier versions. |
Recommended ActionsApply the appropriate patch from the vendor. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2005-4560 |
Reference/shttp://www.securityfocus.com/bid/16074 (BugTraq)http://www.frsirt.com/english/advisories/2005/3086 (FrSIRT) |
