⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.
CVE-2005-4560 — Improper Input Validation in Microsoft Windows 2003 Server
Severity: 7.5 HIGH (NVD)
EPSS: 90.3% (top 0.40%)
CISA KEV: Not in KEV
Exploit: Exploited in wild (active exploitation observed)
Timeline
Published: Dec 28
Latest update: May 1
Description
The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com.
CVSS vector
AV:N/AC:L/C:P/I:P/A:P
Exploitability: 10.0 | Impact: 6.4
Affected Packages: 1 package
🔴 Vulnerability Details (3)
💥 Exploits & PoCs (1)
Exploit-DB
Microsoft Windows XP/Vista/2003 - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit), 2010-09-20