PT-2006-4915 · Microsoft · Windows+1
Cyanid-E · Published 2006-08-10 · Updated 2018-10-17 · CVE-2006-4071
CVSS v2.0: 2.6 (Low)
| Vector | AV:N/AC:H/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows versions prior to the fixed version
Description
The issue is a sign extension vulnerability in the createBrushIndirect function of the GDI library (gdi32.dll). It allows user-assisted attackers to cause a denial of service (application crash) via a crafted WMF file.
Recommendations
Update affected Microsoft Windows installations to a fixed version. As a temporary workaround, consider restricting the use of WMF files to reduce the risk of exploitation.
Exploit
Fix
Related identifiers
Affected products
Gdi
Windows