Microsoft Windows Graphics Rendering Engine WMF/EMF Format Code Execution Vulnerability

Microsoft Windows WMF/EMF graphics rendering engine is affected by a remote code execution vulnerability.

The problem presents itself when a user views a malicious WMF or EMF formatted file causing the affected engine to attempt to parse it. Exploitation of this issue can trigger an integer overflow that may facilitate heap memory corruption and arbitrary code execution.

Any code execution that occurs will be with SYSTEM privileges due to the nature of the affected engine. Successful exploitation can facilitate a remote compromise or local privilege escalation.


Privacy Statement
Copyright 2010, SecurityFocus