Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4560

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4560
Last Modified 22 Sep 2011 12:00:00
Published 28 Dec 2005 02:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4560

Summary

The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com.

Vulnerable Systems

Operating System

  • Microsoft Windows 2003 Server Enterprise

  • Microsoft Windows 2003 Server R2

  • Microsoft Windows 2003 Server Standard

  • Microsoft Windows 2003 Server Web

  • Microsoft Windows Xp


References

CERT - TA06-005A

CERT - TA05-362A

CERT-VN - VU#181038

MS - MS06-001

XF - win-wmf-execute-code(23846)

MISC - http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420

MISC - http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375341

VUPEN - ADV-2005-3086

BID - 16074

BUGTRAQ - 20060104 Another WMF exploit workaround

BUGTRAQ - 20060103 Re: [funsec] WMF round-up, updates and de-mystification

BUGTRAQ - 20060103 WMF SETABORTPROC exploit

BUGTRAQ - 20060103 WMF round-up, updates and de-mystification

BUGTRAQ - 20060101 Re: RE: WMF Exploit

BUGTRAQ - 20051229 RE: WMF Exploit

BUGTRAQ - 20051229 WMF exploit

BUGTRAQ - 20051228 WMF Exploit

BUGTRAQ - 20051228 Re: Is this a new exploit?

BUGTRAQ - 20051228 RE: [Full-disclosure] Someone wasted a nice bug on spyware...

BUGTRAQ - 20051227 Exploitation of Windows WMF on the web

BUGTRAQ - 20051227 Is this a new exploit?

MISC - http://www.microsoft.com/technet/security/advisory/912840.mspx

MISC - http://www.f-secure.com/weblog/archives/archive-122005.html#00000753

MISC - http://vil.mcafeesecurity.com/vil/content/v_137760.htm

MISC - http://support.avaya.com/elmodocs2/security/ASA-2006-001.htm

SECTRACK - 1015416

SECUNIA - 18415

SECUNIA - 18364

SECUNIA - 18311

SECUNIA - 18255

MISC - http://linuxbox.org/pipermail/funsec/2006-January/002455.html


Last Updated: 27 May 2016 10:41:20