Lucene search
SAINT CorporationSAINT:646DECAEE74E5AB9425C161B147A6F23HistoryNov 30, 2007 - 12:00 a.m.
Microsoft Color Management Module profile tag buffer overflow
2007-11-3000:00:00
SAINT Corporation
www.saintcorporation.com
27
EPSS
0.918
Percentile
98.9%
Added: 11/30/2007
CVE: CVE-2005-1219
BID: 14214
OSVDB: 17830
Background
The Microsoft Color Management Module helps programs achieve consistent display of colors. International Color Consortium (ICC) profiles are used to ensure that colors are represented accurately to users.
Problem
A buffer overflow in the Microsoft Color Management Module allows command execution when a user opens an image with a specially crafted ICC profile format tag.
Resolution
Apply the patch referenced in Microsoft Security Bulletin 05-036.
References
<http://www.kb.cert.org/vuls/id/720742>
<http://archives.neohapsis.com/archives/bugtraq/2005-07/0251.html>
Limitations
A user must download the exploit file and open it in Microsoft Word.
Platforms
Windows 2000
Windows XP
Related
checkpoint_advisories
checkpoint_advisories
saint
saint
Microsoft Color Management Module profile tag buffer overflow
2007-11-30 00:00:00
Microsoft Color Management Module profile tag buffer overflow
2007-11-30 00:00:00
Microsoft Color Management Module profile tag buffer overflow
2007-11-30 00:00:00
nvd
nvd
CVE-2005-1219
2005-07-12 04:00:00
cvelist
cvelist
CVE-2005-1219
2005-07-12 04:00:00
securityvulns
securityvulns
cve
cve
CVE-2005-1219
2005-07-12 04:00:00
nessus
nessus
exploitdb
exploitdb
Microsoft Windows - Color Management Module Overflow (MS05-036) (1)
2005-07-21 00:00:00
Microsoft Windows - Color Management Module Overflow (MS05-036) (2)
2006-02-17 00:00:00
cert
cert