Windows Explorer and Internet Explorer in Windows 2000 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a malformed Windows Metafile (WMF) file.
https://exchange.xforce.ibmcloud.com/vulnerabilities/15507
http://www.securityfocus.com/bid/9892