NetDefend IPS
IPS Advisories
NetDefend
Anti-Virus
Anti-Virus Advisories
NetDefend Web Content Filtering
NetDefend Update Center
IPS History
Nov 03, 2017
Oct 27, 2017
Sep 01, 2017
Jul 07, 2017
Jul 06, 2017
Anti-Virus History
Nov 23, 2017
Nov 20, 2017
Nov 18, 2017
Nov 16, 2017
Nov 15, 2017







Home > NetDefend Live > NetDefend IPS Service
NetDefend IPS Service
Print
Advisory ID
7244
Name
WMF Escape
IPS Signature
Maintenance IPS Signature
IPS Group
FROM / EXT / EXPLOIT
Issued
Dec 30, 2005
Description
The vulnerability is caused due to an error in the handling of Windows Metafile files (".wmf") containing specially crafted SETABORTPROC "Escape" records. Such records allow arbitrary user-defined function to be executed when the rendering of a WMF file fails. This can be exploited to execute arbitrary code by tricking a user into opening a malicious ".wmf" file in "Windows Picture and Fax Viewer" or previewing a malicious ".wmf" file in explorer (i.e. opening a folder containing a malicious image file).
Solution
http://hexblog.com/2005/12/wmf_vuln.html
Refferences
http://www.milw0rm.com/id.php?id=1391
http://wvware.sourceforge.net/caolan/ora-wmf.html
http://www.csee.umbc.edu/~squire/download/WinGDI.h
http://windowssdk.msdn.microsoft.com/library/en-us/multimed/htm/_win32_escape.asp
http://msdn.microsoft.com/library/en-us/gdi/prntspol_0883.asp
http://archives.neohapsis.com/archives/fulldisclosure/2005-12/1298.html
http://sunbeltblog.blogspot.com/2005/12/more-than-50-wmf-variants-in-wild.html
http://isc.sans.org/diary.php?storyid=975
http://www.securityfocus.com/archive/1/420288/30/0/threaded
http://www.microsoft.com/technet/security/advisory/912840.mspx
http://www.bleedingsnort.com/forum/viewtopic.php?forum=3&showtopic=1544
http://www.securityfocus.com/bid/16074
http://www.frsirt.com/english/advisories/2005/3086
http://secunia.com/advisories/18255
http://www.kb.cert.org/vuls/id/181038
cve
CVE-2005-4560
Enter your details in the box below to receive an email each time we post a new issue of our newsletter.







Nov 25, 2017