Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-4071 — Microsoft Windows 2003 Server vulnerability

4 documents4 sources

Severity

2.6LOWNVD

EPSS

31.0%

top 3.25%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Windows 2003 Server

Timeline

PublishedAug 10

Latest updateMay 1

Description

Sign extension vulnerability in the createBrushIndirect function in the GDI library (gdi32.dll) in Microsoft Windows XP, Server 2003, and possibly other versions, allows user-assisted attackers to cause a denial of service (application crash) via a crafted WMF file.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/windows_2003_serverr2, sp1+1

🔴Vulnerability Details

GHSA

GHSA-cj47-3fwv-pmjq: Sign extension vulnerability in the createBrushIndirect function in the GDI library (gdi32↗2022-05-01

▶

CVEList

CVE-2006-4071: Sign extension vulnerability in the createBrushIndirect function in the GDI library (gdi32↗2006-08-10

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows Explorer - '.WMF' CreateBrushIndirect Denial of Service↗2007-01-13

▶