Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid dereference of an offset in a kernel structure, a related issue to CVE-2005-4560.

Threat-Mapped Scoring

Score: 1.5

Priority: P4 - Informational (Low)

• S10 – Denial of Service

EPSS

Score: 0.73892
Percentile: 0.98749

CVSS Scoring

Affected Products

• cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_2003_server:gold:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_2003_server:gold:*:itanium:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_2003_server:gold:*:x64:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_2003_server:sp2:*:itanium:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_2003_server:sp2:*:x64:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*

← Back to Home