2 matches found
Microsoft Windows WMF Handling Arbitrary Code Execution (CVE-2005-4560)
There exists a code execution vulnerability in Microsoft Windows. The vulnerability is created by unrestricted access to GDI functions through WMF files. An attacker can exploit this vulnerability to supply and execute arbitrary code through calling a specific GDI function via a crafted WMF file...
Windows WMF handling vulnerability
Added: 12/30/2005 CVE: CVE-2005-4560 BID: 16074 OSVDB: 21987 Background A Windows Metafile WMF image is a 16-bit metafile format that can contain both vector information and bitmap information. Problem A flaw in the way specially crafted WMF images are handled can allow arbitrary command executio...