Preemptive Protection against Microsoft Windows WMF File Handling Denial of Service Vulnerability
| Check Point Reference: | CPAI-2006-096 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | FRSIRT/ADV-2006-3180 | |
| Industry Reference(s): | CVE-2006-4071 | |
| Protection Provided by: |
VPN-1
|
|
| Who is Vulnerable? Microsoft Windows 2000 SP4 Microsoft Windows XP SP1 Microsoft Windows XP SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows Server 2003 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003 (Itanium) Microsoft Windows Server 2003 SP1 (Itanium) Microsoft Windows Server 2003 x64 Edition | ||
| Vulnerability Description Several Microsoft Windows operating systems fail to process malformed WMF files. A remote attacker can trigger this flaw to deny service from legitimate users. By convincing a user to visit a specially crafted Web page or to open a malformed image file, an attacker could cause applications on the user's system to crash. |
||
|
Update/Patch Available Check Point is not aware of any official patch for this issue |
|
|
Vulnerability Details This vulnerability is due to an error in the GDI Client DLL library (gdi32.dll) when processing malformed WMF files. A remote attacker can crash an application using the vulnerable library by convincing a user to view a specially crafted WMF image file or a maliciously crafted Web page. |
Protection Overview
Users are protected against this vulnerability if the WMF/EMF protection addressed in the Solution section of CPAI-2006-020 has been applied. The protection detects WMF and EMF files over the configured HTTP ports and blocks the connection when it detects these files.
To configure the defense, select your product from the list below and follow the related protection steps.