CVE-2006-2376

CVE Database · CVE-2006-2376

CVE-2006-2376

· N/AModified

CVSS v3.1

N/A

EPSS

41.10%

Published

Jun 13, 2006

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow.

Weaknesses (CWE)

CWE-189

Affected Products (3)

microsoft · windows_98vulnerable

microsoft · windows_98sevulnerable

microsoft · windows_mevulnerable

References (20)

http://secunia.com/advisories/20631

PatchVendor Advisory

http://securityreason.com/securityalert/1094

http://securitytracker.com/id?1016286

http://www.kb.cert.org/vuls/id/909508