Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-3678
HistoryMay 14, 2010 - 7:30 p.m.

CVE-2009-3678

2010-05-1419:30:00
CWE-189
[email protected]
web.nvd.nist.gov
37
cve-2009-3678
integer overflow
cdd.dll
canonical display driver
cdd
microsoft windows
denial of service
arbitrary code
crafted image file
data parsing
user-mode
kernel mode
irfanview
ati graphics driver
win32k.sys

7.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.057 Low

EPSS

Percentile

93.3%

JSON

Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service (reboot) or possibly execute arbitrary code via a crafted image file that triggers incorrect data parsing after user-mode data is copied to kernel mode, as demonstrated using “Browse with Irfanview” and certain actions on a folder containing a large number of thumbnail images in Resample mode, possibly related to the ATI graphics driver or win32k.sys, aka “Canonical Display Driver Integer Overflow Vulnerability.”

Related

securityvulns 2
prion 1
nessus 2
seebug 1
checkpoint_advisories 1
cvelist 1
securityvulns
securityvulns
Microsoft Windows Canonical Display integer overflow
2010-07-14 00:00:00
Microsoft Security Bulletin MS10-043 - Critical Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)
2010-07-14 00:00:00
prion
prion
Integer overflow
2010-05-14 19:30:00
nessus
nessus
MS10-043: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)
2010-07-13 00:00:00
Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS)
2018-04-03 00:00:00
seebug
seebug
Microsoft Windows cdd.dll驱动远程拒绝服务漏洞
2010-05-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Canonical Display Driver Denial Of Service (CVE-2009-3678)
2010-05-20 00:00:00
cvelist
cvelist
CVE-2009-3678
2010-05-14 19:24:00

7.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.057 Low

EPSS

Percentile

93.3%

JSON
Related for CVE-2009-3678
securityvulns2prion1nessus2seebug1checkpoint_advisories1cvelist1