Lucene search
SAINT CorporationSAINT:4CD7ADEE358199AAB6F5EEB5AF43BFA1HistoryApr 09, 2008 - 12:00 a.m.
Windows GDI EMF filename buffer overflow
2008-04-0900:00:00
SAINT Corporation
www.saintcorporation.com
10
0.713 High
EPSS
Percentile
97.7%
Added: 04/09/2008
CVE: CVE-2008-1087
BID: 28570
OSVDB: 44215
Background
The Windows Graphics Device Interface (GDI) interacts with graphics device drivers on behalf of applications.
Problem
A buffer overflow in Windows GDI allows command execution when a user opens a specially crafted EMF file containing a specially crafted filename parameter.
Resolution
Apply the security update referenced in Microsoft Security Bulletin 08-021.
References
<http://www.microsoft.com/technet/security/bulletin/MS08-021.mspx>
Limitations
Exploit works on Windows 2000 and requires a user to load the exploit page in Internet Explorer 6.
Platforms
Windows 2000
Related
checkpoint_advisories
checkpoint_advisories
seebug
seebug
Microsoft Windows GDIζδ»Άε解ζζ ζΊ’εΊζΌζ΄οΌMS08-021οΌ
2008-04-10 00:00:00
prion
prion
Stack overflow
2008-04-08 23:05:00
saint
saint
Windows GDI EMF filename buffer overflow
2008-04-09 00:00:00
Windows GDI EMF filename buffer overflow
2008-04-09 00:00:00
Windows GDI EMF filename buffer overflow
2008-04-09 00:00:00
cvelist
cvelist
CVE-2008-1087
2008-04-08 23:00:00
cve
cve
CVE-2008-1087
2008-04-08 23:05:00
nessus
nessus
MS08-021: Vulnerabilities in GDI Could Allow Remote Code Execution (948590)
2008-04-08 00:00:00
securityvulns
securityvulns