Lucene search
SAINT CorporationSAINT:0670EE32C2DE8487E4259B5218224E15HistoryNov 30, 2007 - 12:00 a.m.
Microsoft Color Management Module profile tag buffer overflow
2007-11-3000:00:00
SAINT Corporation
download.saintcorporation.com
26
EPSS
0.918
Percentile
98.9%
Added: 11/30/2007
CVE: CVE-2005-1219
BID: 14214
OSVDB: 17830
Background
The Microsoft Color Management Module helps programs achieve consistent display of colors. International Color Consortium (ICC) profiles are used to ensure that colors are represented accurately to users.
Problem
A buffer overflow in the Microsoft Color Management Module allows command execution when a user opens an image with a specially crafted ICC profile format tag.
Resolution
Apply the patch referenced in Microsoft Security Bulletin 05-036.
References
<http://www.kb.cert.org/vuls/id/720742>
<http://archives.neohapsis.com/archives/bugtraq/2005-07/0251.html>
Limitations
A user must download the exploit file and open it in Microsoft Word.
Platforms
Windows 2000
Windows XP
Related
checkpoint_advisories
checkpoint_advisories
nvd
nvd
CVE-2005-1219
2005-07-12 04:00:00
cvelist
cvelist
CVE-2005-1219
2005-07-12 04:00:00
saint
saint
Microsoft Color Management Module profile tag buffer overflow
2007-11-30 00:00:00
Microsoft Color Management Module profile tag buffer overflow
2007-11-30 00:00:00
Microsoft Color Management Module profile tag buffer overflow
2007-11-30 00:00:00
securityvulns
securityvulns
cve
cve
CVE-2005-1219
2005-07-12 04:00:00
nessus
nessus
exploitdb
exploitdb
Microsoft Windows - Color Management Module Overflow (MS05-036) (1)
2005-07-21 00:00:00
Microsoft Windows - Color Management Module Overflow (MS05-036) (2)
2006-02-17 00:00:00
cert
cert