CVE-2005-0803

Microsoft Windows 2000 - Resource Management Error

Title source: rule

Description

The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allows remote attackers to cause a denial of service (application crash) via a crafted Enhanced Metafile (EMF) file that causes invalid (1) end, (2) emreof, or (3) palent offsets to be used, aka "Enhanced Metafile Vulnerability."

Exploits (2)

exploitdb WORKING POC VERIFIED

by Hongzhen Zhou · textdoswindows

https://www.exploit-db.com/exploits/25231

View Code ZIP pw:eip

exploitdb WORKING POC

cdoswindows

https://www.exploit-db.com/exploits/1346

View Code ZIP pw:eip

References (18)

[Mailing List] http://marc.info/?l=bugtraq&m=111108743527497&w=2

[Vendor Advisory] http://secunia.com/advisories/17223

[Vendor Advisory] http://secunia.com/advisories/17461

[Vendor Advisory] http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf

[US Government Resource] http://www.kb.cert.org/vuls/id/134756

[Exploit] http://www.securityfocus.com/bid/12834

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA05-312A.html

[Vendor Advisory] http://www.vupen.com/english/advisories/2005/2348

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-053

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/19727

[Third Party Advisory, VDB Entry] http://www.osvdb.org/20580

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1121

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1152

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1215

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1240

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A671

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1015168

[Third Party Advisory] http://secunia.com/advisories/14631

Scores

EPSS 0.7808

EPSS Percentile 99.0%

Details

CWE

CWE-399

Status published

Products (1)

microsoft/windows_2000 (5 CPE variants)

Published May 02, 2005

Tracked Since Feb 18, 2026