Back to search
CVE-2005-4560
Published: Dec 28, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://vil.mcafeesecurity.com/vil/content/v_137760.htm
x_refsource_MISC
20051228 Re: Is this a new exploit?
mailing-list
x_refsource_BUGTRAQ
20051228 WMF Exploit
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:1492
vdb-entry
signature
x_refsource_OVAL
20051228 RE: [Full-disclosure] Someone wasted a nice bug on spyware...
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:1564
vdb-entry
signature
x_refsource_OVAL
18255
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:1612
vdb-entry
signature
x_refsource_OVAL
ADV-2005-3086
vdb-entry
x_refsource_VUPEN
1015416
vdb-entry
x_refsource_SECTRACK
20051227 Exploitation of Windows WMF on the web
mailing-list
x_refsource_BUGTRAQ
20051229 WMF exploit
mailing-list
x_refsource_BUGTRAQ
win-wmf-execute-code(23846)
vdb-entry
x_refsource_XF
18364
third-party-advisory
x_refsource_SECUNIA
20060104 Another WMF exploit workaround
mailing-list
x_refsource_BUGTRAQ
18415
third-party-advisory
x_refsource_SECUNIA
20060101 Re: RE: WMF Exploit
mailing-list
x_refsource_BUGTRAQ
20060103 Re: [funsec] WMF round-up, updates and de-mystification
mailing-list
x_refsource_BUGTRAQ
20060103 WMF round-up, updates and de-mystification
mailing-list
x_refsource_BUGTRAQ
18311
third-party-advisory
x_refsource_SECUNIA
TA05-362A
third-party-advisory
x_refsource_CERT
http://linuxbox.org/pipermail/funsec/2006-January/002455.html
x_refsource_MISC
20051229 RE: WMF Exploit
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:1431
vdb-entry
signature
x_refsource_OVAL
20051227 Is this a new exploit?
mailing-list
x_refsource_BUGTRAQ
VU#181038
third-party-advisory
x_refsource_CERT-VN
oval:org.mitre.oval:def:1460
vdb-entry
signature
x_refsource_OVAL
16074
vdb-entry
x_refsource_BID
MS06-001
vendor-advisory
x_refsource_MS
20060103 WMF SETABORTPROC exploit
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:1433
vdb-entry
signature
x_refsource_OVAL
TA06-005A
third-party-advisory
x_refsource_CERT
http://support.avaya.com/elmodocs2/security/ASA-2006-001.htm
x_refsource_MISC
http://www.microsoft.com/technet/security/advisory/912840.mspx
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now