Vulnerability Name:

CVE-2006-2376 (CCN-26815)

Assigned:2006-06-13
Published:2006-06-13
Updated:2018-10-18
Summary:Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-189
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: BugTraq Mailing List, Mon Jun 12 2006 - 21:38:46 CDT
SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

Source: CCN
Type: BugTraq Mailing List, Wed Jul 12 2006 - 14:58:42 CDT
SYMSA-2006-004 (Full Details): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

Source: MITRE
Type: CNA
CVE-2006-2376

Source: CCN
Type: SA20631
Microsoft Windows Graphics Rendering Engine Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
20631

Source: SREASON
Type: UNKNOWN
1094

Source: CCN
Type: SECTRACK ID: 1016286
Microsoft Windows 98 Graphics Rendering Engine Buffer Overflow in Processing WMF Images Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1016286

Source: CCN
Type: ASA-2006-126
Windows Security Updates for June 2006 - (MS06-021 - MS06-032)

Source: CCN
Type: US-CERT VU#909508
Microsoft Graphics Rendering Engine fails to properly handle WMF images

Source: CERT-VN
Type: US Government Resource
VU#909508

Source: CCN
Type: Microsoft Security Bulletin MS06-026
Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (918547)

Source: OSVDB
Type: UNKNOWN
26431

Source: CCN
Type: OSVDB ID: 26431
Microsoft Windows Graphics Rendering Engine PolyPolygon Function Overflow

Source: BUGTRAQ
Type: UNKNOWN
20060613 SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

Source: BID
Type: UNKNOWN
18322

Source: CCN
Type: BID-18322
Microsoft Windows GDI WMF Handling Heap Overflow Vulnerability

Source: CERT
Type: US Government Resource
TA06-164A

Source: VUPEN
Type: Vendor Advisory
ADV-2006-2324

Source: MS
Type: UNKNOWN
MS06-026

Source: XF
Type: UNKNOWN
win-gre-wmf-code-execution(26815)

Source: XF
Type: UNKNOWN
win-gre-wmf-code-execution(26815)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_98:*:gold:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_98se:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_me:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:microsoft:windows_98:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_98se:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_me:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    microsoft windows 98 * gold
    microsoft windows 98se *
    microsoft windows me *
    microsoft windows 98 *
    microsoft windows 98se *
    microsoft windows me *