VulDB: Microsoft Windows XP/Server 2003 WMF File Handler Designfehler
General
scipID: 1934
Affected: Microsoft Windows XP/Server 2003
Published: 12/28/2005 (Dan Hubbard)
Risk: 
very critical
Entry: 100% complete
Created: 12/28/2005
Updated: 04/09/2013
Summary
A vulnerability, which was classified as very critical, has been found in Microsoft Windows XP/Server 2003. Affected by this issue is an unknown function of the component WMF File Handler. The manipulation with an unknown input leads to a designfehler vulnerability. The impact remains unknown.
The weakness was shared 12/28/2005 by Dan Hubbard with Websense Security Labs as MS06-001. The advisory is shared for download at microsoft.com. This vulnerability is handled as CVE-2005-4560 since 12/28/2005. The attack may be launched remotely. The technical details are unknown and an exploit is not available.
The vulnerability was handled as a non-public zero-day exploit for at least 8 days. The vulnerability scanner Nessus provides a plugin with the ID 20382, which helps to determine the existence of the flaw in a target environment. It is running in the context local and relying on port 139.
Applying the patch MS06-001 is able to eliminate this problem. The bugfix is ready for download at microsoft.com. A possible mitigation has been published 2 weeks after the disclosure of the vulnerability. The vulnerability is also documented in the databases at OSVDB (21987), Secunia (SA18415), SecurityFocus (BID 16074), SecurityTracker (ID 1015416) and X-Force (23846). scip.ch is providing further details.CVSS
Base Score: 4.6 (CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P) [?]
| Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Local | High | Multiple | None | None | None |
| Adjacent | Medium | Single | Partial | Partial | Partial |
| Network | Low | None | Complete | Complete | Complete |
Exploiting
Class: Designfehler
Local: No
Remote: Yes
Availability: No
Nessus ID: 20382
Nessus Risk: High
Nessus Context: local
Nessus Port: 139
Countermeasures
Recommended: Patch
Reaction Time: 8 days since reported
0-Day Time: 8 days since found
Exposure Time: 8 days since known
Patch: MS06-001
Timeline
12/28/2005 | Advisory disclosed
12/28/2005 | CVE assigned
12/28/2005 | OSVDB entry created
12/28/2005 | VulDB entry created
01/05/2006 | Countermeasure disclosed
01/05/2006 | Nessus plugin released
04/09/2013 | VulDB entry updated
Sources
Advisory: MS06-001
Researcher: Dan Hubbard
Company: Websense Security Labs
OSVDB: 21987
CVE: CVE-2005-4560 (mitre.org) (nist.org) (cvedetails.com)
Secunia: 18415
SecurityFocus: 16074
SecurityTracker: 1015416
X-Force: 23846
Vupen: ADV-2005-3086
Misc.: scip.ch
