Microsoft Windows / Internet Explorer WMF Remote Code Execution Exploit (9day) :] Advisory ID : FrSIRT/ADV-2005-3086 Note : This unpatched vulnerability is currently being exploited in the wild ChangeLog 2005-12-28 : Initial release 2005-12-28 : Updated Description and Solution 2005-12-28 : Updated Affected Products (Windows 2000 SP4 and Windows 98/Me) 2005-12-28 : Updated References (Microsoft KB912840) 2005-12-31 : Additional Exploit Affected Products Microsoft Windows 2000 Service Pack 4 Microsoft Windows XP Service Pack 1 Microsoft Windows XP Service Pack 2 Microsoft Windows XP Professional x64 Edition Microsoft Windows Server 2003 Microsoft Windows Server 2003 for Itanium-based Systems Microsoft Windows Server 2003 Service Pack 1 Microsoft Windows Server 2003 with SP1 for Itanium-based Systems Microsoft Windows Server 2003 x64 Edition Microsoft Windows 98 Microsoft Windows 98 Second Edition (SE) Microsoft Windows Millennium Edition (ME) Authors Daniel Bonekeeper (thehazard@gmail.com) H D Moore (hdm@metasploit.com) san (san@xfocus.org) O600KO78RUS@unknown.ru
