Microsoft Windows Graphics Rendering Engine (GRE) WMF code execution

win-gre-wmf-code-execution (26815) The risk level is classified as HighHigh Risk

Description:

Multiple could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of Windows Metafile (WMF) images by the Graphics Rendering Engine (GRE). By creating a malicious WMF image and sending it to a victim as an email attachment or hosting it on a Web site, a remote attacker could execute arbitrary code and gain complete control of the affected system, once the malicious image is opened.


Consequences:

Gain Access

Remedy:

Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS06-026. See References.

References:

  • BugTraq Mailing List, Mon Jun 12 2006 - 21:38:46 CDT: SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution.
  • BugTraq Mailing List, Wed Jul 12 2006 - 14:58:42 CDT: SYMSA-2006-004 (Full Details): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution.
  • Microsoft Security Bulletin MS06-026: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (918547).
  • ASA-2006-126: Windows Security Updates for June 2006 - (MS06-021 - MS06-032)
  • BID-18322: Microsoft Windows GDI WMF Handling Heap Overflow Vulnerability
  • CVE-2006-2376: Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow.
  • OSVDB ID: 26431: Microsoft Windows Graphics Rendering Engine PolyPolygon Function Overflow
  • SA20631: Microsoft Windows Graphics Rendering Engine Vulnerability
  • SECTRACK ID: 1016286: Microsoft Windows 98 Graphics Rendering Engine Buffer Overflow in Processing WMF Images Lets Remote Users Execute Arbitrary Code
  • US-CERT VU#909508: Microsoft Graphics Rendering Engine fails to properly handle WMF images
  • VUPEN/ADV-2006-2324: Microsoft Windows Graphics Rendering Engine Code Execution Issue (MS06-026)

Platforms Affected:

  • Microsoft Windows 98
  • Microsoft Windows 98SE
  • Microsoft Windows Me

Reported:

Jun 13, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page