Remote Memory Corruption Vulnerability in Microsoft Windows Graphics Rendering Engine
CVE-2006-0143

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Xp; Windows 2003 Server; Windows 2000; Windows 98se
Vendor: CVE Published:; 9 January 2006

Summary

The Microsoft Windows Graphics Rendering Engine contains vulnerabilities that allow remote attackers to exploit specially crafted WMF files. This can lead to memory corruption issues, resulting in system crashes. Specifically, the vulnerabilities arise from the handling of ExtCreateRegion or ExtEscape function calls where the arguments provided have inconsistent lengths. Attackers can leverage these flaws to disrupt system availability, highlighting the importance of applying necessary security updates and practicing safe file handling.

References

http://securitytracker.com/id?1015453

vdb-entryx_refsource_SECTRACK

http://lostmon.blogspot.com/2007/08/windows-extended-file...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/24044

vdb-entryx_refsource_XF

EPSS Score

75% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 9, 2006
Vulnerability Reserved
Jan 9, 2006