CVE-2004-0209

Microsoft Windows <2000-2003 - RCE

Title source: llm

Description

Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer."

Exploits (1)

exploitdb WORKING POC VERIFIED

by houseofdabus · cremotewindows_x86

https://www.exploit-db.com/exploits/584

View Code ZIP pw:eip

References (9)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11375

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/16581

[US Government Resource] http://www.kb.cert.org/vuls/id/806278

[Mailing List] http://marc.info/?l=bugtraq&m=109829067325779&w=2

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/17658

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1872

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2428

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2114

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-032

Scores

EPSS 0.6962

EPSS Percentile 98.7%

Details

Status published

Products (3)

microsoft/windows_2000

microsoft/windows_2003_server r2

microsoft/windows_xp

Published Nov 03, 2004

Tracked Since Feb 18, 2026