Vulnerability Name: | CVE-2003-0906 (CCN-15284) | ||||||||||||||||
Assigned: | 2003-11-04 | ||||||||||||||||
Published: | 2004-02-23 | ||||||||||||||||
Updated: | 2018-10-12 | ||||||||||||||||
Summary: | Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image. | ||||||||||||||||
CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||||||
CVSS v2 Severity: | 7.6 High (CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
| ||||||||||||||||
Vulnerability Type: | CWE-Other | ||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||
References: | Source: CCN Type: BugTraq Mailing List, Fri Feb 20 2004 - 12:45:39 CST Windows XP explorer.exe heap overflow Source: CCN Type: BugTraq Mailing List, Mon Feb 23 2004 - 15:31:07 CST Re: Windows XP explorer.exe heap overflow. Source: MITRE Type: CNA CVE-2003-0906 Source: CCN Type: CIAC Information Bulletin O-114 Microsoft Security Update for Microsoft Windows [REVISED 25 Jun 2004] Source: CCN Type: US-CERT VU#547028 Microsoft Windows contains buffer overflow in processing of WMF and EMF image formats Source: CERT-VN Type: Patch, Third Party Advisory, US Government Resource VU#547028 Source: CCN Type: Microsoft Security Bulletin MS04-011 Security Update for Microsoft Windows (835732) Source: BID Type: UNKNOWN 10120 Source: CCN Type: BID-10120 Microsoft Windows WMF/EMF Image Formats Remote Buffer Overflow Vulnerability Source: CCN Type: BID-9707 Microsoft Windows XP explorer.exe Multiple Memory Corruption Vulnerabilities Source: CERT Type: Third Party Advisory, US Government Resource TA04-104A Source: CCN Type: Internet Security Systems Security Alert, April 13, 2004 Multiple Vulnerabilities in Microsoft Products Source: MS Type: UNKNOWN MS04-011 Source: XF Type: UNKNOWN winxp-shell-shimgvw-bo(15284) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1064 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:897 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:959 | ||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||||||||||
Oval Definitions | |||||||||||||||||
| |||||||||||||||||
BACK |