ID CVE-2004-0209
Summary Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer."
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 12-10-2018 - 21:34)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2004-12-09T08:46:00.000-04:00
    class vulnerability
    contributors
    name Ingrid Skoog
    organization The MITRE Corporation
    description Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer."
    family windows
    id oval:org.mitre.oval:def:1872
    status accepted
    submitted 2004-10-14T09:59:00.000-04:00
    title Windows XP Enhanced Metafile Image Format Rendering Buffer Overflow
    version 63
  • accepted 2004-11-17T10:00:00.000-04:00
    class vulnerability
    contributors
    name Ingrid Skoog
    organization The MITRE Corporation
    description Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer."
    family windows
    id oval:org.mitre.oval:def:2114
    status accepted
    submitted 2004-10-13T11:11:00.000-04:00
    title Windows 2000 Enhanced Metafile Image Format Rendering Buffer Overflow
    version 64
  • accepted 2004-11-17T10:00:00.000-04:00
    class vulnerability
    contributors
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    description Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer."
    family windows
    id oval:org.mitre.oval:def:2428
    status accepted
    submitted 2004-10-13T11:29:00.000-04:00
    title Windows XP/Server 2003 (64-Bit) Enhanced Metafile Image Format Rendering Buffer Overflow
    version 64
refmap via4
bid 11375
bugtraq 20041019 [EXPL] (MS04-032) Microsoft Windows XP Metafile (.emf) Heap Overflow
cert-vn VU#806278
ms MS04-032
xf
  • win-emf-bo(16581)
  • win-ms04032-patch(17658)
saint via4
bid 11375
description Windows Metafile rendering buffer overflow
id win_patch_wmf
osvdb 10692
title windows_metafile
type client
vulnerable_product via4
  • cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
Last major update 12-10-2018 - 21:34
Published 03-11-2004 - 05:00
Back to Top