POP3: .WMF
This signature detects Metafiles files sent over POP3. Windows Metafiles and Enhanced Metafiles files can take advantage of Windows GDI vulnerabilities. Attackers can exploit these vulnerabilities by depositing instructions or arbitrary code on a target's system. User involvement is required to activate Metafiles; typically they are attached to a harmless-appearing e-mail message.
Extended Description
Microsoft Windows WMF/EMF image-rendering library is affected by a remote buffer-overflow vulnerability because it fails to properly verify the lengths of strings contained within an affected image file before copying them into finite buffers. Any code execution that occurs will take place with SYSTEM privileges because of the nature of the affected library. This will also permit local privilege-escalation attacks.
Affected Products
Avaya s8100_media_servers,Microsoft windows_xp_media_center_edition
Short Name
POP3:EXT:DOT-WMF
Severity
Minor
Recommended
False
Recommended Action
None
Category
POP3
Keywords
.WMF CVE-2004-0209 bid:11375
Release Date
10/14/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3725
False Positive
Unknown
Vendors
Microsoft
Avaya
CVSS Score
10.0