| Release Date | Nov 08, 2005 |
| Severity | High |
| Impact | Compromise of the affected system. |
| Description | It indicates an attacker tried to exploit a Heap Overflow vulnerability in the rendering of Microsoft Windows Metafile image format (WMF). Microsoft Windows rendering of Metafiles (WMF) contain a Heap Overflow vulnerability that could allow an attacker to execute arbitrary code. An attacker could send a malicious Metafile which when parsed by the Metafile engine, can cause heap memory corruption and code execution. |
| Affected Products | Most variants of Microsoft Windows Operating Systems are vulnerable. Please see references for more information. |
| Recommended Actions | Microsoft has issued a critical update for this vulnerability. Please apply MS05-053 to fix the vulnerability. |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2005-2124
|
| Microsoft Bulletin ID | MS05-053 http://www.microsoft.com/technet/security/Bulletin/MS05-053.mspx |
| Reference/s | http://www.securityfocus.com/bid/15356 (BugTraq)
|