Courses:

Offensive Countermeasures: The Art Of Active Defense: SANSFIRE June 15-16, Blackhat USA July 27-28 & 29-30


Conferences:

Check out the entire PaulDotCom crew at BsidesRI June 14-15th!



Subscribe:

Blog:
Videos:
Podcast:


PaulDotCom EspaƱol


Hack Naked TV


Hack Naked At Night


Stogie Geeks


Sponsored By:


www.coresecurity.com


www.tenablesecurity.com


www.sans.org



Follow Us On:


twitter.com/pauldotcom

PaulDotCom YouTube Channel


WMF Reloaded

By
Paul Asadoorian
on January 9, 2006 5:27 PM |
Microsoft Windows WMF graphics rendering engine is affected by multiple memory corruption vulnerabilities. These issues affect the 'ExtCreateRegion' and 'ExtEscape' functions.These problems present themselves when a user views a malicious WMF formatted file containing specially crafted data. Reports indicate that these issues lead to a denial of service condition, however, it is conjectured that arbitrary code execution is possible as well.

Well, it is quite possible that we could see yet another rash of WMF exploitation. I believe that it is going to take time before we fully understand all of the different attack vectors and how to defend against them. Then of course there is the whole Win 9x/ME problem, which doesn't seem to be a problem, yet...


SecurityFocus BID
Bugtraq Posting
ISC Posting

.com

Categories: