Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2008-3013
HistorySep 11, 2008 - 1:11 a.m.

CVE-2008-3013

2008-09-1101:11:47
CWE-399
[email protected]
web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.799 High

EPSS

Percentile

98.3%

JSON

gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka β€œGDI+ GIF Parsing Vulnerability.”

Affected configurations

NVD
Node
microsoftdigital_image_suiteMatch2006
OR
microsoftforefront_client_securityMatch1.0
OR
microsoftinternet_explorerMatch6sp1
OR
microsoftofficeMatch2003sp2
OR
microsoftofficeMatch2003sp3
OR
microsoftofficeMatch2007gold
OR
microsoftofficeMatch2007sp1
OR
microsoftofficeMatchxpsp3
OR
microsoftpowerpoint_viewerMatch2003
OR
microsoftreport_viewerMatch2005sp1
OR
microsoftreport_viewerMatch2008
OR
microsoftsql_serverMatch2005sp2
OR
microsoftsql_server_reporting_servicesMatch2000sp2
OR
microsoftvisioMatch2002sp2
OR
microsoftworksMatch8.0
OR
microsoftwindows_server_2008Match-
OR
microsoftwindows_vistagold
OR
microsoftwindows_vistasp2
OR
microsoftwindows_xpsp2
OR
microsoftwindows_xpsp3

Related

cve 1
checkpoint_advisories 2
securityvulns 4
zdi 1
prion 1
cvelist 1
seebug 1
nessus 2
openvas 2
mskb 1
cve
cve
CVE-2008-3013
2008-09-11 01:11:47
checkpoint_advisories
checkpoint_advisories
Microsoft Windows GDI+ GIF Parsing Buffer Overflow (MS08-052; CVE-2008-3013)
2008-09-02 00:00:00
Microsoft Windows GDI+ GIF Parsing Buffer Overflow (MS08-052) - Ver2 (CVE-2008-3013)
2015-05-18 00:00:00
securityvulns
securityvulns
Windows GDI+ GIF memory corruption
2008-09-10 00:00:00
ZDI-08-056: Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability
2008-09-10 00:00:00
Microsoft Windows GDI library multiple security vulnerabilities
2008-09-10 00:00:00
zdi
zdi
Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability
2008-09-09 00:00:00
prion
prion
Code injection
2008-09-11 01:11:00
cvelist
cvelist
CVE-2008-3013
2008-09-10 15:00:00
seebug
seebug
Microsoft GDI+ GIFζ–‡δ»ΆθΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄žοΌˆMS08-052οΌ‰
2008-09-11 00:00:00
nessus
nessus
MS08-052: Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593) (uncredentialed check)
2018-01-24 00:00:00
MS08-052: Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
2008-09-10 00:00:00
openvas
openvas
Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)
2011-01-18 00:00:00
Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)
2011-01-18 00:00:00
mskb
mskb
KB954593 - MS08-052: Vulnerabilities in GDI+ could allow remote code execution
2020-10-20 07:12:22

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.799 High

EPSS

Percentile

98.3%

JSON
Related for NVD:CVE-2008-3013
cve1checkpoint_advisories2securityvulns4zdi1prion1cvelist1seebug1nessus2openvas2mskb1