(MS06-001) Microsoft Windows WMF "SETABORTPROC" Arbitrary Code Execution
Schweregrad:: Hoch
CVE Kennungen:: CVE-2005-4560
Hinweisdatum: 04 Februar 2011
Beschreibung
The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com.
Trend Micro Lösungen
Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.
Betroffene Software und Version:
- Microsoft Windows Server 2003 Datacenter
- Microsoft Windows Server 2003 Datacenter SP1
- Microsoft Windows Server 2003 Enterprise
- Microsoft Windows Server 2003 Enterprise SP1
- Microsoft Windows Server 2003 Standard
- Microsoft Windows Server 2003 Standard SP1
- Microsoft Windows Server 2003 Web
- Microsoft Windows Server 2003 Web SP1
- Microsoft Windows XP Home
- Microsoft Windows XP Home SP1
- Microsoft Windows XP Home SP2
- Microsoft Windows XP Media Center
- Microsoft Windows XP Media Center SP1
- Microsoft Windows XP Media Center SP2
- Microsoft Windows XP Professional
- Microsoft Windows XP Professional SP1
- Microsoft Windows XP Professional SP2
- Microsoft Windows XP Tablet PC
- Microsoft Windows XP Tablet PC SP1
- Microsoft Windows XP Tablet PC SP2