Vulnerability Details CVE-2005-0803
The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allows remote attackers to cause a denial of service (application crash) via a crafted Enhanced Metafile (EMF) file that causes invalid (1) end, (2) emreof, or (3) palent offsets to be used, aka "Enhanced Metafile Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.763
EPSS Ranking 98.9%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=111108743527497&w=2
- http://secunia.com/advisories/14631
- http://secunia.com/advisories/17223
- http://secunia.com/advisories/17461
- http://securitytracker.com/id?1015168
- http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf
- http://www.kb.cert.org/vuls/id/134756
- http://www.osvdb.org/20580
- http://www.securityfocus.com/bid/12834
- http://www.us-cert.gov/cas/techalerts/TA05-312A.html
- http://www.vupen.com/english/advisories/2005/2348
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-053
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19727
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1121
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1152
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1215
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1240
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A671
- http://marc.info/?l=bugtraq&m=111108743527497&w=2
- http://secunia.com/advisories/14631
- http://secunia.com/advisories/17223
- http://secunia.com/advisories/17461
- http://securitytracker.com/id?1015168
- http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf
- http://www.kb.cert.org/vuls/id/134756
- http://www.osvdb.org/20580
- http://www.securityfocus.com/bid/12834
- http://www.us-cert.gov/cas/techalerts/TA05-312A.html
- http://www.vupen.com/english/advisories/2005/2348
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-053
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19727
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1121
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1152
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1215
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1240
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A671
Products affected by CVE-2005-0803
-
cpe:2.3:o:microsoft:windows_2000:-
-
cpe:2.3:o:microsoft:windows_2000:beta3