HTTP: Microsoft Windows GRE WMF Handling Denial of Service
This signature detects attempts to exploit a known vulnerability in the Graphics Rendering Engine (GRE) component of Microsoft Windows. The vulnerability is created by an error in parsing certain Windows Metafile (WMF) files. An attacker can exploit this vulnerability to cause the executing program to terminate via a crafted WMF file. An successful attack exploiting this vulnerability can cause the vulnerable application that opens the malicious WMF file to terminate.
Extended Description
Microsoft Windows WMF graphics-rendering engine is affected by multiple memory-corruption vulnerabilities. These issues affect the 'ExtCreateRegion' and 'ExtEscape' functions. These problems present themselves when a user views a malicious WMF-formatted file containing specially crafted data. Reports indicate that these issues lead to a denial-of-service condition. Earlier conjectures that the issues may result in the execution of arbitrary code appear at this point to be incorrect. Attackers could force a crash or restart of the viewing application.
Affected Products
Microsoft windows_xp_media_center_edition
Short Name
HTTP:STC:DL:MS-WMF-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2006-0143 Denial GRE Handling Microsoft Service WMF Windows bid:16167 of
Release Date
08/03/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.5