WINDOWS METAFILE VULNERABILITY


WINDOWS METAFILE VULNERABILITY

Generated by Secunia 26 February, 2008
SA28902 / CVE-2007-0065 Introduction: ===== A vulnerability in Microsoft Windows within the OLE based buffer overflow via a specially crafted OLE stream containing a metafile
http://secunia.com/gfx/pdf/SA28902_BA.pdf

feel secure
growing prosperity is leading to greater technical complexity and increased vulnerability linked to an alarm. A map has a background image as vector drawings, saved in Windows MetaFile
http://www.geindustrial.com/ge-interlogix/emea/holland/support/leaflets/AllianceEnglish.pdf

SA Computer Magazine
Womble.d exploits 'SetAbortProc Code Execution' vulnerability in Windows, by causing an error in handling specially crafted 'Windows Metafile' file types. The vulnerability can also
http://www.mwti.net/products/pdfs/scam_co_za_Womble%20Worm%20Spreads%20Via%20Bush%20email.pdf

NEWS ? TECHNOLOGY ? PEOPLE? TRENDS
An attacker could take complete control of a vulnerable system by exploiting the Graphics Engine vulnerability CVE-2005-2123 or Windows Metafile vulnerability CVE-2005
http://www.webweekmag.com/issues/issue147.pdf

advisor MASTER
growing prosperity is leading to greater technical complexity and increased vulnerability drawing, or a combination of both bitmaps and vector drawings, saved in Windows MetaFile
http://www.geindustrial.com/ge-interlogix/emea/holland/support/leaflets/SoftwareSolutionsBrochure_EN.pdf

Womble Worm Spreads Via Bush Email
Womble.d exploits 'SetAbortProc Code Execution' vulnerability in Windows, by causing an error in handling specially crafted 'Windows Metafile' file types. The vulnerability can also
http://www.mwti.net/products/pdfs/itreseller_Womble%20Worm%20Spreads%20Via%20Bush%20email.pdf

Virus Threats Continue: Late Breaking Alert:
At the start of the new year, Microsoft released a series of patches for a vulnerability in how Windows renders graphics in the Windows Metafile format WMF. The vulnerability was
http://it.mansfield.edu/policies/itnews_archive/NewsJan06.pdf

Symantec? Security Update - November 2005 Worldwide and APAC Monthly ...
Rendering Engine is responsible for rendering Windows metafile (WMF) and enhanced metafile (EMF) images on Microsoft Windows platforms. Successful exploitation of the vulnerability
http://www.security.iia.net.au/downloads/symantec%20threat%20report%20november_apac_11_20051.pdf

PandaLabs Bulletins: Social Networks in the spotlight
user profiles to propagate, infecting all users that visited an infected profile. Around that time, an advertising banner in MySpace exploited a Windows Metafile vulnerability to
http://www.pandasecurity.com/img/enc/Red_Soc_punto_mira_en.pdf

Shavlik Technologies, LLC Offers Emergency Workaround for Zero-Day ...
user's system by hosting a specially crafted Windows Metafile (WMF) image on a malicious Web site. For administrators that want a workaround to protect against this vulnerability
http://www.shavlik.com/press_releases/WMF_Zero-Day_Exploit_Advisory_FINAL.pdf

Product Support Notice
reported vulnerability MS05-027 901214 Security Vulnerability in Windows Win32 Graphics Device Interface (GDI) and Extended MetaFile (EMF) MS06-001 912919 Security Vulnerability
http://support.avaya.com/elmodocs2/PSN/PSN1642u.pdf

State of Alaska Cyber Security & Critical Infrastructure Cyber ...
occurs when a user is enticed to open a maliciously crafted Windows Metafile (WMF) or Windows Enhanced Metafile (EMF) image. Microsoft has confirmed that this vulnerability can be
http://www.state.ak.us/local/akpages/ADMIN/info/security/SA2008-009.pdf

Product Focus
CVE-2006-5758 ô 16465 WMF Denial of Service Vulnerability (MS07-017/925902) (Remote File Checking) A denial of service vulnerability exists in Windows when rendering Windows Metafile
http://www.netvigilance.com/archive/scoutnews07april06.pdf

This Week in Review
in Graphics Rendering Engine Could Allow Code Execution (MS05-053/896424) (Remote File Checking) A remote code execution vulnerability exists in the rendering of Windows Metafile (WMF
http://www.netvigilance.com/archive/scoutnews05november11.pdf

Technical Analysis of MS06-001
Technical Analysis of MS06-001 Vulnerability in Graphics special meta record called a "SetAbortProc" escape metafile This is the structure of a GDI entry on Windows 2000/XP:
http://www.websense.com/securitylabs/images/alerts/ms06-001.pdf

McAfee Foundstone Update
Windows includes support for advanced graphics rendering. A vulnerability is present in the rendering of Windows Metafile (WMF) image format allowing attackers to control any program
http://www.mcafee.com/us/local_content/release_notes/foundstone/fsl_10_30_2006.pdf

Yui Kee Computing Ltd
Chinese hackers, or, indeed, by another attacker making use of compromised computers in China. More information: http://en.wikipedia.org/wiki/Windows_Metafile_vulnerability#Work
http://www.yuikee.com.hk/info-ctr/newsletter/ykcl-news06-01.pdf

McAfee Host Intrusion Prevention 6.0 Content Release Notes
CVE-2006-3427) É (New) Sig 3766/3767 "Windows Server Service Buffer Overflow Vulnerability" (CVE-2006-3439) É (New) Sig 3769 "Windows Metafile Denial of Service Vulnerability" (CVE
http://www.mcafee.com/us/local_content/release_notes/hips/hips_09_12_2006.pdf

METAFILE ART CLASS
VIRUS BULLETIN www.virusbtn.com 4 JUNE 2008 METAFILE ART CLASS Dennis Elser Secure technical analysis of a recent remotely exploitable fi le format vulnerability within Windows
http://www.trustedsource.org/download/research_publications/SCJun08.pdf

Automated Scanning Vulnerability Report
cause a denial of service (possibly persistent restart) via a crafted Windows Metafile CVE-2007-1212, CVE-2007-1213, CVE-2007-1215, CVE-2007-1765 TestID: 10327 7. Vulnerability in Windows
http://www.beyondsecurity.com/SampleReport.pdf

Websense® Security Labs? Issues Second Half 2005 Semi-Annual ...
Labs was successful in identifying and mitigating several new high-profile exploits, including being the first to discover the Microsoft Windows Metafile (WMF) vulnerability being
http://files.shareholder.com/downloads/WBSN/0x0x155547/e4dd25a4-5bd7-409a-a4cf-55a04ee56d17/WBSN_News_2006_3_1_General.pdf

Microsoft Windows Metafile Handling Buffer Overflow Security Response
Microsoft Windows Metafile Handling Buffer Overflow Microsoft Windows NT based front ends with FACI are not affected by this vulnerability. Xerox products with EFI Windows NT
http://www.xerox.com/downloads/usa/en/c/CERT_TA05-362A.pdf

Lessons from a Zero-Day: The WMF Episode
SANS Technology Institute Master's Presentation by Jim Voorhees 2 Windows Metafile Format Vulnerability ?December 2005, blindsided the defense community ?Spawned great
http://www.sans.edu/resources/student_presentations/WMFPresentation.pdf

Security Advisory 041304-A
Right Reserved April 13, 2004 Security Advisory 041304-G April 13, 2004 Vulnerability: A heap buffer overrun (code injection) vulnerability exists in the rendering of Windows Metafile
http://support.sanasecurity.com/advisory/Security_Advisory_041304G.pdf

Microsoft Windows Defect Poised to Cause Wide-Ranging Attacks ...
The cause of the most recent threat is a newly discovered vulnerability in Micro soft Windows Metafile files (". wmf") that impacts how your windows handles graphics files.
http://www.cbetech.com/_Documents/News/NewsAttach36.pdf

Lessons from a Zero-Day: The WMF Episode
2 SANS Technology Institute Master's Presentation by Jim Voorhees 2 Windows Metafile Format Vulnerability ?December 2005, blindsided the defense community ?Spawned great
http://www.sans.edu/resources/student_presentations/WMFPresentation_notes.pdf

TIPPINGPOINT PREEMPTIVELY PROTECTS CUSTOMERS AGAINST MICROSOFT ...
In addition to issues patched by Microsoft today, the TippingPoint IPS also provided preemptive protection against the zero day Microsoft vulnerability in Windows Metafile (WMF) on
http://www.tippingpoint.com/pdf/press/2006/MSVulJan_011006.pdf

Windows Security Updates for November 2005 - (MS05-053)
A remote code execution vulnerability exists in the rendering of Windows Metafile (WMF) and Enhanced Metafile (EMF) image formats that could allow remote code execution on an
http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf

Windows MetaFile Backdoor?
Transcript of Episode #22 The Windows MetaFile Backdoor? Description: Leo and I carefully examine the operation of the recently patched Windows MetaFile vulnerability.
http://www.grc.com/sn/SN-022.pdf