CVE-2003-0906
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2003-0906
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Windows Metafile堆远程溢出漏洞(MS04-011)
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Windows GDI客户端DLL(GDI32.dll)实现对Windows Metafile格式图象处理。 GDI32.dll PlayMetaFileRecord() API函数处理Metafile文件时存在堆溢出,远程攻击者可以利用这个漏洞构建恶意文件,诱使用户处理,以用户进程权限执行任意指令。 Windows Metafile 格式是Windows 系统中标准的图形格式,GDI32.dll PlayMetaFileRecord() API函数处理Windows Metafile记录时存在一个堆溢出
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2003-0906
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2003-0906
请登录查看更多情报信息。
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011vendor-advisoryx_refsource_MS
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A959vdb-entrysignaturex_refsource_OVAL
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A897vdb-entrysignaturex_refsource_OVAL
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1064vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2003-0906
Same Patch Batch · n/a · 2004-04-16 · 30 CVEs total
| CVE-2004-0119 | Microsoft Windows Negotiate SSP 代码问题漏洞 | |
| CVE-2004-0403 | KAME Racoon畸形ISAKMP包远程拒绝服务漏洞 | |
| CVE-2004-0391 | Cisco WLSE和HSE设备默认用户名和密码漏洞 | |
| CVE-2004-0388 | Oracle MySQL 安全漏洞 | |
| CVE-2004-0387 | RealNetworks RealOne Player/RealPlayer Remote R3T文件基于栈的缓冲区溢出漏洞 | |
| CVE-2004-0385 | Oracle 9iAS/10g应用服务器WEB缓冲远程堆溢出漏洞 | |
| CVE-2004-0197 | Microsoft Jet数据库引擎远程任意指令漏洞(MS04-014) | |
| CVE-2004-0180 | CVS客户端RCS Diff客户端文件覆盖漏洞 | |
| CVE-2004-0179 | Neon WebDAV Client 库格式化字符串漏洞 | |
| CVE-2004-0178 | Linux Kernel存在多个安全漏洞 | |
| CVE-2004-0177 | Linux Kernel EXT3文件系统信息泄露漏洞 | |
| CVE-2004-0155 | Racoon IKE守护程序未授权X.509证书连接漏洞 | |
| CVE-2004-0124 | Microsoft RPC对象身份信息泄露漏洞(MS04-012) | |
| CVE-2004-0123 | Microsoft ASN.1两次释放堆内存破坏漏洞(MS04-011) | |
| CVE-2004-0120 | Microsoft Windows SSL远程拒绝服务漏洞(MS04-011) | |
| CVE-2002-0385 | Vignette StoryServer堆栈内存信息泄露漏洞 | |
| CVE-2004-0118 | Windows VDM TIB本地权限提升漏洞(MS04-011) | |
| CVE-2004-0117 | Microsoft Windows H.323任意代码执行漏洞(MS04-011) | |
| CVE-2004-0116 | Microsoft DCOM RPC内存泄露远程拒绝服务漏洞(MS04-012) | |
| CVE-2004-0109 | Linux Kernel ISO9660文件系统缓冲区溢出漏洞 |
Showing top 20 of 30 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2003-0906
No comments yet