cbcvebase.
CVE-2006-0143
published 2006-01-09

CVE-2006-0143: Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1)…

PriorityP339high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
39.04%
98.4th percentile
Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths.

Affected

7 ranges
VendorProductVersion rangeFixed in
microsoftwindows_2003_server
microsoftwindows_2003_server
microsoftwindows_2003_server
microsoftwindows_2003_server
microsoftwindows_2003_server
microsoftwindows_2003_server
microsoftwindows_2003_server

Detection & IOCsextracted from sources · hover to see the quote

urlhttps://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/27051.rar
  • Monitor for WMF files containing ExtCreateRegion function calls with inconsistent argument lengths, which may indicate exploitation attempts.
  • Inspect WMF-formatted files opened by users for specially crafted ExtCreateRegion or ExtEscape records; malicious files will cause application crash or restart.
  • ·Exploitation leads to denial-of-service (crash/restart) only; arbitrary code execution was ruled out.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.