Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2004-0209 | First vendor Publication | 2004-11-03 |
Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0209 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:1872 | |||
Oval ID: | oval:org.mitre.oval:def:1872 | ||
Title: | Windows XP Enhanced Metafile Image Format Rendering Buffer Overflow | ||
Description: | Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0209 | Version: | 1 |
Platform(s): | Microsoft Windows XP | Product(s): | Enhanced Metafile (EMF) |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:2114 | |||
Oval ID: | oval:org.mitre.oval:def:2114 | ||
Title: | Windows 2000 Enhanced Metafile Image Format Rendering Buffer Overflow | ||
Description: | Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0209 | Version: | 1 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Enhanced Metafile (EMF) |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:2428 | |||
Oval ID: | oval:org.mitre.oval:def:2428 | ||
Title: | Windows XP/Server 2003 (64-Bit) Enhanced Metafile Image Format Rendering Buffer Overflow | ||
Description: | Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0209 | Version: | 1 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Enhanced Metafile (EMF) |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 1 | |
Os | 1 |
SAINT Exploits
Description | Link |
---|---|
Windows Metafile rendering buffer overflow | More info here |
ExploitDB Exploits
id | Description |
---|---|
2004-10-20 | MS Windows Metafile (.emf) Heap Overflow Exploit (MS04-032) |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
10692 | Microsoft Windows Metafile Image Format Arbitrary Code Execution A local overflow exists in Windows. The Graphics Rendering Engine fails to validate Windows Metafile (WMF) and Enhanced Metafile (EMF) image files resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2016-03-14 | Microsoft emf file download request RuleID : 33740-community - Revision : 2 - Type : FILE-IMAGE |
2015-04-10 | Microsoft emf file download request RuleID : 33740 - Revision : 2 - Type : FILE-IMAGE |
2014-01-10 | Microsoft emf file download request RuleID : 2435-community - Revision : 33 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft emf file download request RuleID : 2435 - Revision : 33 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft Windows graphics rendering engine buffer overflow attempt RuleID : 23110 - Revision : 5 - Type : FILE-IMAGE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2004-10-12 | Name : Arbitrary code can be executed on the remote host. File : smb_nt_ms04-032.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:02:17 |
|
2021-04-22 01:02:26 |
|
2020-05-23 00:15:44 |
|
2018-10-13 00:22:28 |
|
2017-10-11 09:23:20 |
|
2017-07-11 12:01:24 |
|
2016-10-18 12:01:18 |
|
2016-04-26 12:47:47 |
|
2014-02-17 10:27:18 |
|
2014-01-19 21:22:08 |
|
2013-05-11 11:40:26 |
|