Crafted Metafile (WMF) Denial of Service Vulnerability

vendor:

Unknown

by:

Winny Thomas

5.5

CVSS

MEDIUM

Denial of Service

Unknown

CWE

Product Name: Unknown

Affected Version From: Unknown

Affected Version To: Unknown

Patch Exists: NO

Related CWE: Unknown

CPE: Unknown

Metasploit:

Other Scripts:

Platforms Tested: Windows 2000 server SP4

Unknown

Crafted Metafile (WMF) Denial of Service Vulnerability

The crafted metafile (WMF) crashes Windows Explorer when viewed. The issue occurs when the 'mtNoObjects' field in the Metafile header is set to 0x0000. This code was tested on Windows 2000 server SP4 and does not occur with the hotfix for GDI (MS05-053) installed.

Mitigation:

Unknown

Source

Crafted Metafile (WMF) Denial of Service Vulnerability

Mitigation:

Exploit-DB raw data: