cpe:/o:microsoft:windows_2000::sp4::fr cpe:/o:microsoft:windows_2003_server:r2 cpe:/o:microsoft:windows_2003_server:sp1 cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_98se cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_xp::sp1:tablet_pc cpe:/o:microsoft:windows_xp::sp2:tablet_pc CVE-2006-0020 2006-01-10T16:03:00.000-05:00 2017-10-10T21:30:33.203-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2006-01-11T08:39:00.000-05:00 ALLOWS_ADMIN_ACCESS BID 16516 SECUNIA 18729 SECUNIA 18912 OSVDB 22976 VUPEN ADV-2006-0469 MS MS06-004 CERT TA06-045A CERT-VN VU#312956 MLIST [funsec] 20060110 Another WMF flaw without a Microsoft patch CONFIRM http://www.microsoft.com/technet/security/advisory/913333.mspx An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka "WMF Image Parsing Memory Corruption Vulnerability."