Oval Definition:oval:org.mitre.oval:def:1064
Revision Date:2011-05-16Version:48
Title:Windows XP WMF/EMF Buffer Overflow
Description:Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0906
Platform(s):Microsoft Windows XP
Product(s):Enhanced Metafile (EMF)
Windows Metafile (WMF)
Definition Synopsis
  • a vulnerable version of mf3216.dll exists on XP
  • 32-bit version of Windows and a vulnerable version of mf3216.dll exists
  • 32-Bit version of Windows is installed
  • AND a vulnerable version of mf3216.dll exists depending on service pack level
  • no service pack is installed and mf3216.dll is less than 5.1.2600.132
  • NOT Win2K/XP/2003 is patched
  • AND the version of mf3216.dll is less than 5.1.2600.132
  • OR service pack 1 is installed and mf3216.dll is less than 5.1.2600.1331
  • Win2K/XP/2003/Vista service pack 1 is installed
  • AND the version of mf3216.dll is less than 5.1.2600.1331
  • OR 64-bit version of Windows and mf3216.dll is less than 5.1.2600.1331
  • a version of Windows for the ia64 architecture is installed
  • AND the version of mf3216.dll is less than 5.1.2600.1331
  • AND NOT the patch kb835732 is installed
  • AND Windows XP (sp1 or earlier) is installed
  • Windows XP is installed
  • AND NOT Win2K/XP/2003 service pack 2 (or later) is installed
    • BACK