Vulnerabilities > CVE-2004-0209 - Remote Buffer Overflow vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 3 |
Exploit-Db
description | MS Windows Metafile (.emf) Heap Overflow Exploit (MS04-032). CVE-2004-0209. Remote exploit for windows platform |
id | EDB-ID:584 |
last seen | 2016-01-31 |
modified | 2004-10-20 |
published | 2004-10-20 |
reporter | houseofdabus |
source | https://www.exploit-db.com/download/584/ |
title | Microsoft Windows Metafile .emf Heap Overflow Exploit MS04-032 |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS04-032.NASL |
description | The remote host is missing a security update for Microsoft Windows (840987). The missing security update fixes issues in the following areas : - Window Management - Virtual DOS Machine - Graphics Rendering Engine - Windows Kernel A local attacker could exploit any of these vulnerabilities to cause a local denial of service or obtain higher privileges on the remote host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15457 |
published | 2004-10-12 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15457 |
title | MS04-032: Security Update for Microsoft Windows (840987) |
code |
|
Oval
accepted 2004-12-09T08:46:00.000-04:00 class vulnerability contributors name Ingrid Skoog organization The MITRE Corporation description Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." family windows id oval:org.mitre.oval:def:1872 status accepted submitted 2004-10-14T09:59:00.000-04:00 title Windows XP Enhanced Metafile Image Format Rendering Buffer Overflow version 64 accepted 2004-11-17T10:00:00.000-04:00 class vulnerability contributors name Ingrid Skoog organization The MITRE Corporation description Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." family windows id oval:org.mitre.oval:def:2114 status accepted submitted 2004-10-13T11:11:00.000-04:00 title Windows 2000 Enhanced Metafile Image Format Rendering Buffer Overflow version 65 accepted 2004-11-17T10:00:00.000-04:00 class vulnerability contributors name Ingrid Skoog organization The MITRE Corporation name Ingrid Skoog organization The MITRE Corporation
description Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." family windows id oval:org.mitre.oval:def:2428 status accepted submitted 2004-10-13T11:29:00.000-04:00 title Windows XP/Server 2003 (64-Bit) Enhanced Metafile Image Format Rendering Buffer Overflow version 65
Saint
bid | 11375 |
description | Windows Metafile rendering buffer overflow |
id | win_patch_wmf |
osvdb | 10692 |
title | windows_metafile |
type | client |
Seebug
bulletinFamily | exploit |
description | No description provided by source. |
id | SSV:8643 |
last seen | 2017-11-19 |
modified | 2008-06-05 |
published | 2008-06-05 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-8643 |
title | MS Windows Metafile (.emf) Heap Overflow Exploit (MS04-032) |
References
- http://marc.info/?l=bugtraq&m=109829067325779&w=2
- http://www.kb.cert.org/vuls/id/806278
- http://www.securityfocus.com/bid/11375
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-032
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16581
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17658
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1872
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2114
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2428