CVE - CVE-2005-4560

CVE-ID
CVE-2005-4560	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:16074 URL:http://www.securityfocus.com/bid/16074 BUGTRAQ:20051227 Exploitation of Windows WMF on the web URL:http://www.securityfocus.com/archive/1/420351/100/0/threaded BUGTRAQ:20051227 Is this a new exploit? URL:http://www.securityfocus.com/archive/1/420288/100/0/threaded BUGTRAQ:20051228 RE: [Full-disclosure] Someone wasted a nice bug on spyware... URL:http://www.securityfocus.com/archive/1/420357/100/0/threaded BUGTRAQ:20051228 Re: Is this a new exploit? URL:http://www.securityfocus.com/archive/1/420367/100/0/threaded BUGTRAQ:20051228 WMF Exploit URL:http://www.securityfocus.com/archive/1/420378/100/0/threaded BUGTRAQ:20051229 RE: WMF Exploit URL:http://www.securityfocus.com/archive/1/420546/30/7730/threaded BUGTRAQ:20051229 WMF exploit URL:http://www.securityfocus.com/archive/1/420446/100/0/threaded BUGTRAQ:20060101 Re: RE: WMF Exploit URL:http://www.securityfocus.com/archive/1/420664/30/7730/threaded BUGTRAQ:20060103 Re: [funsec] WMF round-up, updates and de-mystification URL:http://www.securityfocus.com/archive/1/420687/100/0/threaded BUGTRAQ:20060103 WMF SETABORTPROC exploit URL:http://www.securityfocus.com/archive/1/420684/100/0/threaded BUGTRAQ:20060103 WMF round-up, updates and de-mystification URL:http://www.securityfocus.com/archive/1/420682/100/0/threaded BUGTRAQ:20060104 Another WMF exploit workaround URL:http://www.securityfocus.com/archive/1/420773/100/0/threaded CERT:TA05-362A URL:http://www.us-cert.gov/cas/techalerts/TA05-362A.html CERT:TA06-005A URL:http://www.us-cert.gov/cas/techalerts/TA06-005A.html CERT-VN:VU#181038 URL:http://www.kb.cert.org/vuls/id/181038 MISC:http://linuxbox.org/pipermail/funsec/2006-January/002455.html MISC:http://support.avaya.com/elmodocs2/security/ASA-2006-001.htm MISC:http://vil.mcafeesecurity.com/vil/content/v_137760.htm MISC:http://www.f-secure.com/weblog/archives/archive-122005.html#00000753 MISC:http://www.microsoft.com/technet/security/advisory/912840.mspx MISC:http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375341 MISC:http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420 MS:MS06-001 URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-001 OVAL:oval:org.mitre.oval:def:1431 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1431 OVAL:oval:org.mitre.oval:def:1433 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1433 OVAL:oval:org.mitre.oval:def:1460 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1460 OVAL:oval:org.mitre.oval:def:1492 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1492 OVAL:oval:org.mitre.oval:def:1564 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1564 OVAL:oval:org.mitre.oval:def:1612 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1612 SECTRACK:1015416 URL:http://securitytracker.com/id?1015416 SECUNIA:18255 URL:http://secunia.com/advisories/18255 SECUNIA:18311 URL:http://secunia.com/advisories/18311 SECUNIA:18364 URL:http://secunia.com/advisories/18364 SECUNIA:18415 URL:http://secunia.com/advisories/18415 VUPEN:ADV-2005-3086 URL:~~http://www.vupen.com/english/advisories/2005/3086~~ (Obsolete source) XF:win-wmf-execute-code(23846) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/23846
Assigning CNA
MITRE Corporation
Date Record Created
20051228	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20051228)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)