Signature Detail
Short Name |
HTTP:STC:DL:MS-GDI-WMF-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Windows GDI WMF Handling Heap Overflow |
Release Date |
2014/09/18 |
Update Number |
2420 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Microsoft Windows GDI WMF Handling Heap Overflow
This signature detects attempts to exploit a known vulnerability against Microsoft Windows GDI WMF. A successful attack can lead to a stack-based overflow and arbitrary remote code execution within the context of the affected application.
Extended Description
The Microsoft Windows GDI Graphics Rendering Engine is prone to a heap-overflow vulnerability. This issue is exposed when the component loads a specially crafted WMF (Windows Metafile) image. If this issue is exploited, a malicious WMF or EMF file could potentially corrupt heap-based memory with attacker-supplied data. This could lead to the execution of arbitrary code and to a complete system compromise. An attacker could exploit the issue by enticing the victim user to visit a malicious web page that contains the image or to open an email attachment that consists of the image. This vulnerability is limited to Windows 98/98SE/ME systems.
Affected Products
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
References
- BugTraq: 18322
- CVE: CVE-2006-2376