CVE-2006-0143

Microsoft Windows 2000 and 2003 Server - Denial of Service via WMF File with Inconsistent Length Arguments

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0143. PoCs published by cocoruder.

AI-analyzed exploit summary The provided text describes CVE-2006-0143, a vulnerability in the Microsoft Windows WMF graphics-rendering engine affecting 'ExtCreateRegion' and 'ExtEscape' functions. It clarifies that the issue leads to a denial-of-service condition rather than arbitrary code execution.

Description

Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths.

Exploits (1)

exploitdb WRITEUP VERIFIED

by cocoruder · textdoswindows

https://www.exploit-db.com/exploits/27051

View Code ZIP pw:eip

The provided text describes CVE-2006-0143, a vulnerability in the Microsoft Windows WMF graphics-rendering engine affecting 'ExtCreateRegion' and 'ExtEscape' functions. It clarifies that the issue leads to a denial-of-service condition rather than arbitrary code execution.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Windows WMF graphics-rendering engine

No auth needed

Prerequisites: User interaction to view a malicious WMF file

MITRE ATT&CK