Microsoft Windows WMF Graphics-Rendering Engine Memory Corruption Vulnerabilities

vendor:

Windows WMF Graphics-Rendering Engine

by:

SecurityFocus

4.3

CVSS

MEDIUM

Memory Corruption

119

CWE

Product Name: Windows WMF Graphics-Rendering Engine

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2006

Microsoft Windows WMF Graphics-Rendering Engine Memory Corruption Vulnerabilities

Microsoft Windows WMF graphics-rendering engine is affected by multiple memory-corruption vulnerabilities. These issues affect the 'ExtCreateRegion' and 'ExtEscape' functions. These problems present themselves when a user views a malicious WMF-formatted file containing specially crafted data. Reports indicate that these issues lead to a denial-of-service condition.

Mitigation:

Users should avoid opening WMF-formatted files from untrusted sources.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/16167/info

Microsoft Windows WMF graphics-rendering engine is affected by multiple memory-corruption vulnerabilities. These issues affect the 'ExtCreateRegion' and 'ExtEscape' functions.

These problems present themselves when a user views a malicious WMF-formatted file containing specially crafted data.

Reports indicate that these issues lead to a denial-of-service condition. Earlier conjectures that the issues may result in the execution of arbitrary code appear at this point to be incorrect. Attackers could force a crash or restart of the viewing application. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/27051.rar