=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2005/VULN691
_____________________________________________________________________

DATE                      : 09/11/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows 2000, Windows XP, Windows Server 2003.

======================================================================

MS05-053 - Vulnerabilities in Graphics Rendering Engine Could Allow Code
Execution (896424)

Affected Software:
    - Microsoft Windows 2000 Service Pack (SP) 4
    - Microsoft Windows XP SP 1 and SP 2
    - Microsoft Windows XP Professional x64 Edition
    - Microsoft Windows Server 2003 SP 1
    - Microsoft Windows Server 2003 for Itanium-based Systems SP1
    - Microsoft Windows Server 2003 x64 Edition

Vulnerability Details

Graphics Rendering Engine - CAN-2005-2123:

    A remote code execution vulnerability exists in the rendering of
    Windows Metafile (WMF) and Enhanced Metafile (EMF) image formats that
    could allow remote code execution on an affected system. Any program
    that renders WMF or EMF images on the affected systems could be
    vulnerable to this attack. An attacker who successfully exploited this
    vulnerability could take complete control of an affected system.

Windows Metafile Vulnerability - CAN-2005-2124:

    A remote code execution vulnerability exists in the rendering of
    Windows Metafile (WMF) image format that could allow remote code
    execution on an affected system. Any program that renders WMF images
    on the affected systems could be vulnerable to this attack. An
    attacker who successfully exploited this vulnerability could take
    complete control of an affected system.

Enhanced Metafile Vulnerability - CAN-2005-0803:

    A denial of service vulnerability exists in the rendering of Enhanced
    Metafile (EMF) image format that could allow any program that renders
    EMF images to be vulnerable to attack. An attacker who successfully
    exploited this vulnerability could cause the affected programs to stop
    responding.

======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================