Windows Metafile rendering buffer overflow

Added: 05/04/2006
CVE: CVE-2004-0209
BID: 11375
OSVDB: 10692

Background

A Windows Metafile image is a 16-bit metafile format that can contain both vector information and bitmap information.

Problem

A buffer overflow in the Windows Graphics Rendering Engine allows command execution when a malformed Windows Metafile is rendered.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 04-032.

References

http://www.microsoft.com/technet/security/bulletin/ms04-032.asp

Limitations

Successful exploitation requires a user to load the exploit into Internet Explorer.

Platforms

Windows

Back to exploit index