| ID |
CVE-2003-0906
|
| Summary |
Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
-
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
|
| CVSS |
| Base: | 7.6 (as of 12-10-2018 - 21:33) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
HIGH |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:H/Au:N/C:C/I:C/A:C
|
| oval
via4
|
| accepted | 2011-05-16T04:00:15.565-04:00 | | class | vulnerability | | contributors | | name | Andrew Buttner | | organization | The MITRE Corporation |
| name | Christine Walzer | | organization | The MITRE Corporation |
| name | Shane Shaffer | | organization | G2, Inc. |
| name | Sudhir Gandhe | | organization | Telos |
| name | Shane Shaffer | | organization | G2, Inc. |
| | description | Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image. | | family | windows | | id | oval:org.mitre.oval:def:1064 | | status | accepted | | submitted | 2004-04-13T12:00:00.000-04:00 | | title | Windows XP WMF/EMF Buffer Overflow | | version | 71 |
| accepted | 2008-03-24T04:00:53.087-04:00 | | class | vulnerability | | contributors | | name | Andrew Buttner | | organization | The MITRE Corporation |
| name | Jonathan Baker | | organization | The MITRE Corporation |
| | definition_extensions | | comment | Microsoft Windows NT is installed | | oval | oval:org.mitre.oval:def:36 |
| | description | Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image. | | family | windows | | id | oval:org.mitre.oval:def:897 | | status | accepted | | submitted | 2004-04-13T12:00:00.000-04:00 | | title | Windows NT WMF/EMF Buffer Overflow | | version | 74 |
| accepted | 2004-05-25T12:00:00.000-04:00 | | class | vulnerability | | contributors | | name | Andrew Buttner | | organization | The MITRE Corporation |
| | description | Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image. | | family | windows | | id | oval:org.mitre.oval:def:959 | | status | accepted | | submitted | 2004-04-13T12:00:00.000-04:00 | | title | Windows 2000 WMF/EMF Buffer Overflow | | version | 64 |
|
| refmap
via4
|
| bid | 10120 | | cert | TA04-104A | | cert-vn | VU#547028 |
|
| Last major update |
12-10-2018 - 21:33 |
| Published |
01-06-2004 - 04:00 |
| Last modified |
12-10-2018 - 21:33 |
