Vulnerability Details : CVE-2003-0906
Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.
Vulnerability category: OverflowExecute code
Products affected by CVE-2003-0906
- cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2003-0906
10.33%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2003-0906
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.6
|
HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C |
4.9
|
10.0
|
NIST |
References for CVE-2003-0906
-
http://www.securityfocus.com/bid/10120
-
http://www.kb.cert.org/vuls/id/547028
Patch;Third Party Advisory;US Government Resource
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1064
-
http://www.us-cert.gov/cas/techalerts/TA04-104A.html
Page Not Found | CISAThird Party Advisory;US Government Resource
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011
Microsoft Security Bulletin MS04-011 - Critical | Microsoft Learn
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A959
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A897
Jump to