SMTP: WMF Malformed Header
This signature detects a Windows Meta File with invalid options in its header. Some versions of Internet Explorer are vulnerable. A successful attack can allow an attacker to run code as the user.
Extended Description
Microsoft Internet Explorer is affected by an WMF image-parsing memory-corruption vulnerability. This issue is allegedly due to an integer-overflow flaw that leads to corrupted heap memory. This problem presents itself when a user views a malicious WMF-formatted file containing specially crafted data. This issue allows remote attackers to execute arbitrary machine code in the context of the affected application. Failed exploitation attempts likely result in crashing the application.
Affected Products
Nortel_networks self-service_media_processing_server,Nortel_networks optivity_telephony_manager_tm-cs1000
References
BugTraq: 16516
CVE: CVE-2006-0020
URL: http://www.microsoft.com/technet/security/bulletin/ms06-004.mspx
Short Name
SMTP:MAL:WMF-MAL-HEADER
Severity
Minor
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
CVE-2006-0020 Header Malformed WMF bid:16516
Release Date
02/14/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Nortel_networks
Avaya
CVSS Score
9.3