Lucene search
SAINT CorporationSAINT:4E2466CE9EEEE9C4FC3C525D91EA7E03HistoryDec 30, 2005 - 12:00 a.m.
Windows WMF handling vulnerability
2005-12-3000:00:00
SAINT Corporation
www.saintcorporation.com
10
0.972 High
EPSS
Percentile
99.8%
Added: 12/30/2005
CVE: CVE-2005-4560
BID: 16074
OSVDB: 21987
Background
A Windows Metafile (WMF) image is a 16-bit metafile format that can contain both vector information and bitmap information.
Problem
A flaw in the way specially crafted WMF images are handled can allow arbitrary command execution when the image is rendered.
Resolution
Apply one of the workarounds referenced in Microsoft Advisory 912840.
References
<http://www.microsoft.com/technet/security/advisory/912840.mspx>
Limitations
Exploit works on Internet Explorer 6.0.
Platforms
Windows
Related
securityvulns
securityvulns
saint
saint
Windows WMF handling vulnerability
2005-12-30 00:00:00
Windows WMF handling vulnerability
2005-12-30 00:00:00
Windows WMF handling vulnerability
2005-12-30 00:00:00
cert
cert
Microsoft Windows Metafile handler SETABORTPROC GDI Escape vulnerability
2005-12-28 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows WMF Handling Arbitrary Code Execution (CVE-2005-4560)
2010-03-22 00:00:00
canvas
canvas
Immunity Canvas: WMF_SETABORT
2005-12-28 19:03:00
nessus
nessus
packetstorm
packetstorm
Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution
2009-11-26 00:00:00
cve
cve
ubuntucve
ubuntucve
CVE-2006-0106
2006-01-06 00:00:00
CVE-2005-4560
2005-12-28 00:00:00
prion
prion
Sql injection
2007-04-04 16:19:00
Integer overflow
2006-01-10 21:03:00
Code injection
2006-01-06 18:03:00
debiancve
debiancve
CVE-2006-0106
2006-01-06 18:03:00