|
||||||||||||||||
|
||||||||||||||||
|
| |||||||||||||||
|
||||||||||||||||
|
||||||||||||||||
|
|
 |
| |
|
| |
| |
|
|
|
|
|
|
|
áòèé÷ :: Security-alerts |
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [security-alerts] FW: [SA21377] Microsoft Windows WMF File Handling Denial of Service
> > TITLE: > Microsoft Windows WMF File Handling Denial of Service > > SECUNIA ADVISORY ID: > SA21377 > > VERIFY ADVISORY: > > > CRITICAL: > Not critical > > IMPACT: > DoS > > WHERE: > From remote > > OPERATING SYSTEM: > Microsoft Windows XP Professional > > Microsoft Windows XP Home Edition > > Microsoft Windows Server 2003 Web Edition > > Microsoft Windows Server 2003 Standard Edition > > Microsoft Windows Server 2003 Enterprise Edition > > Microsoft Windows Server 2003 Datacenter Edition > > Microsoft Windows 2000 Server > > Microsoft Windows 2000 Professional > > Microsoft Windows 2000 Datacenter Server > > Microsoft Windows 2000 Advanced Server > > > DESCRIPTION: > cyanid-E has discovered a vulnerability in Microsoft Windows, which > can be exploited by malicious people to cause a DoS (Denial of > Service). > > The vulnerability is caused due to a signedness error in the GDI > Client DLL library (gdi32.dll) when processing WMF files. This can be > exploited to crash an application using the vulnerable library (e.g. > explorer.exe) by tricking a user into viewing a specially crafted WMF > file. > > The vulnerability has been confirmed on a fully patched Windows XP > SP2. Other versions may also be affected. > > SOLUTION: > Grant only trusted users access to affected systems. Open trusted WMF > files only. > > PROVIDED AND/OR DISCOVERED BY: > cyanid-E > > ORIGINAL ADVISORY: > cyanid-E: > > /048530.html > > /048547.html > >
|