CVE-2006-2376

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 98se; Windows Me; Windows 98
Vendor: CVE Published:; 13 June 2006

Summary

Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow.

References

http://securityreason.com/securityalert/1094

third-party-advisoryx_refsource_SREASON

http://www.vupen.com/english/advisories/2006/2324

vdb-entryx_refsource_VUPEN

http://www.osvdb.org/26431

vdb-entryx_refsource_OSVDB

EPSS Score

58% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 13, 2006
Vulnerability Reserved
May 15, 2006

Collectors

NVD DatabaseMitre Database