Several remote code execution vulnerabilities exist in the way that GDI handles: 1) integer calculations; and 2) filename parameters in EMF files. These vulnerabilities could allow remote code execution if a user opens a specially crafted EMF or WMF image file. The risk is HIGH. An attacker who successfully exploited one of these vulnerabilities could take complete control of an affected system. This exploit has been seen in the wild.