CVE-2005-0803
Severity CVSS v4.0:
Pending analysis
Type:
CWE-399
Resource Management Errors
Publication date:
02/05/2005
Last modified:
03/04/2025
Description
The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allows remote attackers to cause a denial of service (application crash) via a crafted Enhanced Metafile (EMF) file that causes invalid (1) end, (2) emreof, or (3) palent offsets to be used, aka "Enhanced Metafile Vulnerability."
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://marc.info/?l=bugtraq&m=111108743527497&w=2
- http://secunia.com/advisories/14631
- http://secunia.com/advisories/17223
- http://secunia.com/advisories/17461
- http://securitytracker.com/id?1015168=
- http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf
- http://www.kb.cert.org/vuls/id/134756
- http://www.osvdb.org/20580
- http://www.securityfocus.com/bid/12834
- http://www.us-cert.gov/cas/techalerts/TA05-312A.html
- http://www.vupen.com/english/advisories/2005/2348
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-053
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19727
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1121
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1152
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1215
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1240
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A671
- http://marc.info/?l=bugtraq&m=111108743527497&w=2
- http://secunia.com/advisories/14631
- http://secunia.com/advisories/17223
- http://secunia.com/advisories/17461
- http://securitytracker.com/id?1015168=
- http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf
- http://www.kb.cert.org/vuls/id/134756
- http://www.osvdb.org/20580
- http://www.securityfocus.com/bid/12834
- http://www.us-cert.gov/cas/techalerts/TA05-312A.html
- http://www.vupen.com/english/advisories/2005/2348
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-053
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19727
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1121
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1152
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1215
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1240
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A671