| Name | MS.Windows.WMF.Rendering.Engine.Heap.Overflow |
| Release Date | Nov 08, 2005 |
| Severity | High |
| Impact | System Compromise |
| Description | This indicates an attack attempt to exploit a heap-based overflow vulnerability in Microsoft Windows Graphics Rendering Engine for Windows Metafile (WMF) and Enhanced Metafile (EMF) file formats. The vulnerability can be triggered by specially crafted WMF and EMF files. |
| Affected Products | Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition |
| Recommended Actions | Apply patch, available from the web site.
http://www.microsoft.com/technet/security/Bulletin/MS05-053.mspx |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2005-2123
|
| Microsoft Bulletin ID | MS05-053 http://www.microsoft.com/technet/security/Bulletin/MS05-053.mspx |
| Reference/s | http://www.securityfocus.com/bid/15352 (BugTraq)
|