SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#312956

Microsoft WMF memory corruption vulnerability

Overview

Microsoft applications fail to properly handle Windows Metafile (WMF) images potentially allowing a remote attacker to execute arbitrary code on a vulnerable system.

I. Description

The Microsoft Windows Graphics Rendering Engine supports a number of image formats including WMF images. Windows WMF processing routines do not properly handle WMF images. This may allow a remote attacker to manipulate memory management routines resulting in a buffer overflow. Note that WMF processing is used in many Windows programs including Internet Explorer and Outlook.

For more information, including a list of affected versions of Internet Explorer, please see Microsoft Security Advisory 913333 and Microsoft Security Bulletin MS06-004.

II. Impact

By persuading a user to open a specially crafted WMF image file, an attacker may be able to execute arbitrary code with the privileges of the user.

III. Solution

This issue is corrected in Internet Explorer 6 Service Pack 1. In addition, Microsoft Security Bulletin MS06-004 contains a cumulative update to correct this vulnerability.


Do not accept WMF files from untrusted sources

By only accessing WMF image files from trusted or known sources, the chances of exploitation are reduced.

Systems Affected

VendorStatusDate NotifiedDate Updated
Microsoft CorporationVulnerable14-Feb-2006

References


http://linuxbox.org/pipermail/funsec/2006-January/002828.html
http://www.microsoft.com/technet/security/advisory/913333.mspx
http://secunia.com/advisories/18729/
http://www.microsoft.com/windows/ie/downloads/critical/ie6sp1/default.mspx
http://www.microsoft.com/technet/security/Bulletin/MS06-004.mspx

Credit

This issue was reported in Microsoft Security Advisory 913333.

This document was written by Jeff Gennari.

Other Information

Date Public:2006-01-09
Date First Published:2006-02-09
Date Last Updated:2006-02-14
CERT Advisory: 
CVE-ID(s):CVE-2006-0020
NVD-ID(s):CVE-2006-0020
US-CERT Technical Alerts: 
Metric:19.30
Document Revision:27

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2006 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader