Vulnerability Note VU#806278
Microsoft Windows contains buffer overflow in processing of WMF and EMF image files
A vulnerability in the way the Microsoft Windows Graphics Rendering Engine processes certain types of image files could allow an attacker to execute arbitrary code on a vulnerable system.
The Microsoft Windows Graphics Rendering Engine supports a number of image formats including Windows Metafile (WMF) and Enhanced Metafile (EMF). There is a vulnerability in the way a buffer is validated by the Graphics Rendering Engine when processing these image formats. Exploitation of this vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Microsoft reports that this vulnerability is different than the GDI+ vulnerability described in MS04-028 and that the vulnerable component is not redistributed with other applications. The affected component in the GDI+ vulnerability could be redistributed by other applications.
A remote attacker may be able to cause a denial of service or potentially execute arbitrary code on a vulnerable system by introducing a specially crafted WMF or EMF file. This malicious WMF or EMF image may be introduced to the system via a malicious web page, HTML email, or an email attachment.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||13 Oct 2004|
CVSS Metrics (Learn More)
This document was written by Damon Morda and based on information provided by Microsoft.
- CVE IDs: CAN-2004-0209
- Date Public: 12 Oct 2004
- Date First Published: 13 Oct 2004
- Date Last Updated: 13 Oct 2004
- Severity Metric: 25.31
- Document Revision: 10
If you have feedback, comments, or additional information about this vulnerability, please send us email.