CVE-2003-0906

high

Description

Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A959

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A897

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1064

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011

http://www.us-cert.gov/cas/techalerts/TA04-104A.html

http://www.securityfocus.com/bid/10120

http://www.kb.cert.org/vuls/id/547028

Details

Source: Mitre, NVD

Published: 2004-06-01

Updated: 2018-10-12

Risk Information

CVSS v2

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.4

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High