Intrusion Prevention

MS.GDI32.DLL.WMF.File.DoS

Description

Microsoft Windows GDI library (gdi32.dll) has a denial of service vulnerability. A remote attacker could cause an application crash via a crafted WMF file. It will cause Explorer to crash even if the victim only previews the malicious file or browses a folder containing the malicious file.

Affected Products

Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 (Itanium)
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 x64 Edition

Impact

Denial of Service

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.
http://www.microsoft.com/technet/security/

CVE References

CVE-2006-4071