Vulnerabilities > CVE-2006-0143 - Resource Management Errors vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Microsoft Windows Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities. CVE-2006-0143. Dos exploit for windows platform |
| id | EDB-ID:27051 |
| last seen | 2016-02-03 |
| modified | 2006-01-09 |
| published | 2006-01-09 |
| reporter | cocoruder |
| source | https://www.exploit-db.com/download/27051/ |
| title | Microsoft Windows Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities |
References
- http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx
- http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html
- http://securitytracker.com/id?1015453
- http://www.securityfocus.com/archive/1/421257/100/0/threaded
- http://www.securityfocus.com/archive/1/421258/100/0/threaded
- http://www.securityfocus.com/bid/16167
- http://www.vupen.com/english/advisories/2006/0115
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24044