Lucene search
SAINT CorporationSAINT:5374E02C884E4A68F7E2D26C4B475B21HistoryDec 30, 2005 - 12:00 a.m.
Windows WMF handling vulnerability
2005-12-3000:00:00
SAINT Corporation
download.saintcorporation.com
10
0.974 High
EPSS
Percentile
99.9%
Added: 12/30/2005
CVE: CVE-2005-4560
BID: 16074
OSVDB: 21987
Background
A Windows Metafile (WMF) image is a 16-bit metafile format that can contain both vector information and bitmap information.
Problem
A flaw in the way specially crafted WMF images are handled can allow arbitrary command execution when the image is rendered.
Resolution
Apply one of the workarounds referenced in Microsoft Advisory 912840.
References
<http://www.microsoft.com/technet/security/advisory/912840.mspx>
Limitations
Exploit works on Internet Explorer 6.0.
Platforms
Windows
Related
securityvulns
securityvulns
saint
saint
Windows WMF handling vulnerability
2005-12-30 00:00:00
Windows WMF handling vulnerability
2005-12-30 00:00:00
Windows WMF handling vulnerability
2005-12-30 00:00:00
cert
cert
Microsoft Windows Metafile handler SETABORTPROC GDI Escape vulnerability
2005-12-28 00:00:00
packetstorm
packetstorm
Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution
2009-11-26 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows WMF Handling Arbitrary Code Execution (CVE-2005-4560)
2010-03-22 00:00:00
nessus
nessus
canvas
canvas
Immunity Canvas: WMF_SETABORT
2005-12-28 19:03:00
ubuntucve
ubuntucve
CVE-2006-0106
2006-01-06 00:00:00
CVE-2005-4560
2005-12-28 00:00:00
cve
cve
prion
prion
Sql injection
2007-04-04 16:19:00
Integer overflow
2006-01-10 21:03:00
Code injection
2006-01-06 18:03:00
debiancve
debiancve
CVE-2006-0106
2006-01-06 18:03:00