CVE-2006-0020

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 98se; Windows Xp; Windows 2003 Server; Windows Me
Vendor: CVE Published:; 10 January 2006

Summary

An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka "WMF Image Parsing Memory Corruption Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.osvdb.org/22976

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/18912

third-party-advisoryx_refsource_SECUNIA

EPSS Score

46% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 10, 2006
Vulnerability Reserved
Nov 30, 2005