Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0106

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0106
Last Modified 07 Mar 2011 09:29:20
Published 06 Jan 2006 01:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0106

Summary

gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other versions, implement the SETABORTPROC GDI Escape function call for Windows Metafile (WMF) files, which allows attackers to execute arbitrary code, the same vulnerability as CVE-2005-4560 but in a different codebase.

Vulnerable Systems

Application

  • Wine 0.9.2

  • Wine 0.9.4

  • Wine 0.9.5

  • Wine 2005-09-30


References

SECUNIA - 18323

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346197

VUPEN - ADV-2006-0098

MLIST - [Dailydave] 20060105 WMF goes away :<

XF - win-wmf-execute-code(23846)

BUGTRAQ - 20060117 ERRATA: [ GLSA 200601-09 ] Wine: Windows Metafile SETABORTPROC vulnerability

SUSE - SUSE-SR:2006:002

MANDRIVA - MDKSA-2006:014

GENTOO - GLSA-200601-09

DEBIAN - DSA-954

SECUNIA - 18578

SECUNIA - 18549

SECUNIA - 18451


Last Updated: 27 May 2016 10:41:32