CVE-2005-2124

Sažetak

Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "Windows Metafile Vulnerability."

Reference

http://secunia.com/advisories/17223
http://secunia.com/advisories/17461
http://secunia.com/advisories/17498
http://securityreason.com/securityalert/161
http://securitytracker.com/id?1015168
http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf
http://www.eeye.com/html/research/advisories/AD20051108a.html
http://www.eeye.com/html/research/advisories/AD20051108b.html
http://www.kb.cert.org/vuls/id/433341
http://www.securityfocus.com/bid/15356
http://www.us-cert.gov/cas/techalerts/TA05-312A.html
http://www.vupen.com/english/advisories/2005/2348
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-053

CVSS

Base:	7.6
Impact:	10.0
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:H/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

12-10-2018 - 21:37

Objavljeno

29-11-2005 - 21:03