PT-2005-3061 · Microsoft · Windows Server 2003+3

Peter Ferrie

Publicado

2005-11-29

Atualizado

2018-10-12

CVE-2005-2124

CVSS v2.0

7.6

Alta

Vetor

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Windows 2000 SP4 Windows XP SP1 Windows XP SP2 Windows Server 2003 SP1

Description: The issue is related to an unspecified vulnerability in the Graphics Rendering Engine, specifically in the GDI32.DLL component, which is associated with an unchecked buffer and possibly buffer overflows. This allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image.

Recommendations: For Windows 2000 SP4, update to a version that includes the fix for this issue. For Windows XP SP1, update to a version that includes the fix for this issue. For Windows XP SP2, update to a version that includes the fix for this issue. For Windows Server 2003 SP1, update to a version that includes the fix for this issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-2124

Produtos afetados

Gdi32.Dll

Windows 2000

Windows Server 2003

Windows Xp

PT-2005-3061 · Microsoft · Windows Server 2003+3

CVE-2005-2124

Identificadores relacionados

Produtos afetados

Referências · 16