Alias(es)Windows.EMF.Buffer.Overflow.B, Windows.EMF.Buffer.Overflow.A |
Release DateSep 11, 2006 |
Severitycritical |
ImpactSystem compromise: remote code execution. |
DescriptionThis indicates an attempt to exploit a buffer overflow vulnerability in the Graphic Rendering Engine of Microsoft Windows.There is a heap overflow vulnerability in the Graphic Rendering Engine of MS Windows 2000, XP, and 2003 that allows remote attackers to execute arbitrary code. This may happen when rendering specially crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) image files. Any program that renders WMF or EMF images on the affected systems could be vulnerable to this attack. An attacker who successfully exploits this vulnerability could take complete control of an affected system. |
Affected ProductsAny application running on an unprotected Microsoft Windows 2000, 2003, or XP that renders WMF or EMF image files is vulnerability to this attack. |
Recommended ActionsApply appropriate patches from Microsoft. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2004-0209 |
Reference/shttp://www.microsoft.com/technet/security/Bulletin/MS04-032.mspx (MS-ID)http://www.securityfocus.com/bid/11375 (BugTraq) |
