Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2124

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2005-2124
Last Modified 07 Mar 2011 09:23:27
Published 29 Nov 2005 04:03:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-2124

Summary

Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "Windows Metafile Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2003 Server 64-bit

  • Microsoft Windows 2003 Server Itanium

  • Microsoft Windows 2003 Server R2

  • Microsoft Windows 2003 Server Sp1

  • Microsoft Windows Xp


References

CERT-VN - VU#433341

CERT - TA05-312A

MS - MS05-053

MISC - http://www.eeye.com/html/research/advisories/AD20051108b.html

VUPEN - ADV-2005-2348

SECTRACK - 1015168

BID - 15356

MISC - http://www.eeye.com/html/research/advisories/AD20051108a.html

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf

SREASON - 161

SECUNIA - 17498

SECUNIA - 17461

SECUNIA - 17223


Last Updated: 27 May 2016 10:40:24