A vulnerability in the way the Microsoft Windows Graphics Rendering Engine processes certain types of image files could allow an attacker to execute arbitrary code on a vulnerable system.
The Microsoft Windows Graphics Rendering Engine supports a number of image formats including Windows Metafile (WMF) and Enhanced Metafile (EMF). There is a vulnerability in the way a buffer is validated by the Graphics Rendering Engine when processing these image formats. Exploitation of this vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Microsoft reports that this vulnerability is different than the GDI+ vulnerability described in MS04-028 and that the vulnerable component is not redistributed with other applications. The affected component in the GDI+ vulnerability could be redistributed by other applications.
A remote attacker may be able to cause a denial of service or potentially execute arbitrary code on a vulnerable system by introducing a specially crafted WMF or EMF file. This malicious WMF or EMF image may be introduced to the system via a malicious web page, HTML email, or an email attachment.
This vulnerability was reported by Microsoft. Microsoft credits Patrick Porlan and Mark Russinovich of Winternals Software for discovering this vulnerability.
|Date First Published:||2004-10-13|
|Date Last Updated:||2004-10-13 17:01 UTC|