CVE-2006-0143
published 2006-01-09CVE-2006-0143: Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1)…
PriorityP339high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
39.04%
98.4th percentile
Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for WMF files containing ExtCreateRegion function calls with inconsistent argument lengths, which may indicate exploitation attempts. ↗
- →Inspect WMF-formatted files opened by users for specially crafted ExtCreateRegion or ExtEscape records; malicious files will cause application crash or restart. ↗
- ·Exploitation leads to denial-of-service (crash/restart) only; arbitrary code execution was ruled out. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspxhttp://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.htmlhttp://securitytracker.com/id?1015453http://www.securityfocus.com/archive/1/421257/100/0/threadedhttp://www.securityfocus.com/archive/1/421258/100/0/threadedhttp://www.securityfocus.com/bid/16167http://www.vupen.com/english/advisories/2006/0115https://exchange.xforce.ibmcloud.com/vulnerabilities/24044http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspxhttp://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.htmlhttp://securitytracker.com/id?1015453http://www.securityfocus.com/archive/1/421257/100/0/threadedhttp://www.securityfocus.com/archive/1/421258/100/0/threadedhttp://www.securityfocus.com/bid/16167http://www.vupen.com/english/advisories/2006/0115https://exchange.xforce.ibmcloud.com/vulnerabilities/24044
2006-01-09
Published