Microsoft Internet Explorer WMF Memory Corruption Vulnerability (MS06-004)
Advisory ID : FrSIRT/ADV-2006-0469CVE ID : CVE-2006-0020
OVAL ID : OVAL1638
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-02-08
Technical Description
A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to execute arbitrary commands. This flaw is due to a memory corruption error in the rendering of Windows Metafile (WMF) images containing a specially crafted header size, which could be exploited by attackers to remotely take complete control of an affected system by convincing a user to open a malicious email attachment or visit a specially crafted Web page that is designed to automatically exploit this vulnerability through Internet Explorer.
Affected Products
Microsoft Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Solution
Upgrade to Internet Explorer 6 Service Pack 1 :
http://www.microsoft.com/windows/ie/downloads/critical/ie6sp1/default.mspx
Or apply patch :
http://www.microsoft.com/downloads/details.aspx?FamilyId=C0DF2FC3-2075-46B5-945F-6E0BD6806151
References
http://www.frsirt.com/english/advisories/2006/0469
http://www.microsoft.com/technet/security/advisory/913333.mspx
http://www.microsoft.com/technet/security/Bulletin/MS06-004.mspx
ChangeLog
2006-02-08 : Initial release
2006-02-14 : MS06-004 released