Added: 11/30/2007
CVE: CVE-2005-1219
BID: 14214
OSVDB: 17830
The Microsoft Color Management Module helps programs achieve consistent display of colors. International Color Consortium (ICC) profiles are used to ensure that colors are represented accurately to users.
A buffer overflow in the Microsoft Color Management Module allows command execution when a user opens an image with a specially crafted ICC profile format tag.
Apply the patch referenced in Microsoft Security Bulletin 05-036.
<http://www.kb.cert.org/vuls/id/720742>
<http://archives.neohapsis.com/archives/bugtraq/2005-07/0251.html>
A user must download the exploit file and open it in Microsoft Word.
Windows 2000
Windows XP