Microsoft Windows may be vulnerable to remote code execution via a buffer overflow in the Windows Metafile image format handling.
Windows Metafile (WMF) format images are metafiles that can contain both vector and bitmap-based information. Microsoft Windows contains routines for displaying WMF files. However, a lack of input validation in on of these routines may allow a buffer overflow to occur, and in turn may allow remote arbitrary code execution.
A remote, unauthenticated attacker may be able to execute arbitrary code if the user is persuaded to view a specially-crafted WMF file.
Apply an update
Please see Microsoft Security Bulletin MS05-053 for details on updates, workarounds, and solutions.
Thanks to Microsoft for reporting this vulnerability, who in turn thank Venustech AdDLab, eEye Digital Security and Peter Ferrie of Symantec Security Response for information on the issue.
This document was written by Ken MacInnis.
|Date First Published:||2005-11-08|
|Date Last Updated:||2005-11-09 21:30 UTC|