Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-3465
HistoryDec 10, 2008 - 2:00 p.m.

CVE-2008-3465

2008-12-1014:00:00
CWE-119
[email protected]
web.nvd.nist.gov
27
cve-2008-3465
gdi api
buffer overflow
microsoft windows
denial of service
arbitrary code execution
wmf file
vulnerability

7.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.028 Low

EPSS

Percentile

90.6%

JSON

Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WMF file with a malformed file-size parameter, which would not be properly handled by a third-party application that uses this API for a copy operation, aka β€œGDI Heap Overflow Vulnerability.”

Related

prion 1
checkpoint_advisories 1
seebug 1
cvelist 1
openvas 2
securityvulns 2
nessus 1
prion
prion
Heap overflow
2008-12-10 14:00:00
checkpoint_advisories
checkpoint_advisories
Workaround for Microsoft GDI WMF Heap Overflow Vulnerability (MS08-071)
2008-12-09 00:00:00
seebug
seebug
Microsoft Windows GDIζ–‡δ»Άε€§ε°ε‚ζ•°ε †ζΊ’ε‡ΊζΌζ΄žοΌˆMS08-071οΌ‰
2008-12-11 00:00:00
cvelist
cvelist
CVE-2008-3465
2008-12-10 13:33:00
openvas
openvas
Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
2008-12-10 00:00:00
Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
2008-12-10 00:00:00
securityvulns
securityvulns
Microsoft Windows GDI library multiple security vulnerabilities
2008-12-10 00:00:00
Microsoft Security Bulletin MS08-071 – Critical Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
2008-12-10 00:00:00
nessus
nessus
MS08-071: Vulnerabilities in GDI+ Could Allow Remote Code Execution (956802)
2008-12-10 00:00:00

7.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.028 Low

EPSS

Percentile

90.6%

JSON
Related for CVE-2008-3465
prion1checkpoint_advisories1seebug1cvelist1openvas2securityvulns2nessus1