New WMF exploit released. Infocon Yellow.

SANS:
New exploit released for the WMF vulnerability. Infocon back to Yellow.

The exploit generates files:

* with a random size;
* no .wmf extension, (.jpg), but could be any other image extension actually;
* a random piece of junk in front of the bad call; carefully crafted to be larger than the MTU on an ethernet network;
* a number of possible calls to run the exploit are listed in the source;
* a random trailer

Tags: WMF, Security