Vulnerabilities > CVE-2006-0106 - Unspecified vulnerability in Wine
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN wine
nessus
Summary
gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other versions, implement the SETABORTPROC GDI Escape function call for Windows Metafile (WMF) files, which allows attackers to execute arbitrary code, the same vulnerability as CVE-2005-4560 but in a different codebase.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Nessus
NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2006-014.NASL description A vulnerability was discovered by H D Moore in Wine which implements the SETABORTPROC GDI Escape function for Windows Metafile (WMF) files. This could be abused by an attacker who is able to entice a user to open a specially crafted WMF file from within a Wine-execute Windows application, possibly resulting in the execution of arbitrary code with the privileges of the user runing Wine. The updated packages have been patched to correct these problems. last seen 2020-06-01 modified 2020-06-02 plugin id 20793 published 2006-01-22 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20793 title Mandrake Linux Security Advisory : wine (MDKSA-2006:014) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-954.NASL description H D Moore has discovered that Wine, a free implementation of the Microsoft Windows APIs, inherits a design flaw from the Windows GDI API, which may lead to the execution of code through GDI escape functions in WMF files. The old stable distribution (woody) does not seem to be affected by this problem. last seen 2020-06-01 modified 2020-06-02 plugin id 22820 published 2006-10-14 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22820 title Debian DSA-954-1 : wine - design flaw NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200601-09.NASL description The remote host is affected by the vulnerability described in GLSA-200601-09 (Wine: Windows Metafile SETABORTPROC vulnerability) H D Moore discovered that Wine implements the insecure-by-design SETABORTPROC GDI Escape function for Windows Metafile (WMF) files. Impact : An attacker could entice a user to open a specially crafted Windows Metafile (WMF) file from within a Wine executed Windows application, possibly resulting in the execution of arbitrary code with the rights of the user running Wine. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 20419 published 2006-01-15 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20419 title GLSA-200601-09 : Wine: Windows Metafile SETABORTPROC vulnerability
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346197
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346197
- http://lists.immunitysec.com/pipermail/dailydave/2006-January/002806.html
- http://lists.immunitysec.com/pipermail/dailydave/2006-January/002806.html
- http://secunia.com/advisories/18323
- http://secunia.com/advisories/18323
- http://secunia.com/advisories/18451
- http://secunia.com/advisories/18451
- http://secunia.com/advisories/18549
- http://secunia.com/advisories/18549
- http://secunia.com/advisories/18578
- http://secunia.com/advisories/18578
- http://www.debian.org/security/2006/dsa-954
- http://www.debian.org/security/2006/dsa-954
- http://www.gentoo.org/security/en/glsa/glsa-200601-09.xml
- http://www.gentoo.org/security/en/glsa/glsa-200601-09.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:014
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:014
- http://www.novell.com/linux/security/advisories/2006_02_sr.html
- http://www.novell.com/linux/security/advisories/2006_02_sr.html
- http://www.securityfocus.com/archive/1/422128/100/0/threaded
- http://www.securityfocus.com/archive/1/422128/100/0/threaded
- http://www.vupen.com/english/advisories/2006/0098
- http://www.vupen.com/english/advisories/2006/0098
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23846
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23846