Privilege escalation

The Graphics Device Interface GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "GDI Elevatio...

Remote code execution

The Graphics Device Interface GDI in Microsoft Windows 10 1607 allows remote attackers to execute arbitrary code via a crafted document, aka "GDI Remote Code Execution Vulnerability."...

Microsoft Windows GDI Information Disclosure Vulnerability

Microsoft Windows is a family of operating systems released by Microsoft Corporation in the United States. Graphics Device Interface GDI is one of the graphics device interface components. An information disclosure vulnerability exists in the Graphics Device Interface in Microsoft Windows that...

Microsoft Windows GDI Elevation of Privilege Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. Graphics Device Interface GDI is one of the graphics device interface components. An elevation of privilege vulnerability exists in the Graphics Device Interface in Microsoft Windows. An attacker can...

Microsoft Windows GDI Memory Corruption Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. Graphics Device Interface GDI is one of the graphics device interface components. A memory corruption vulnerability exists in the Graphics Device Interface in Microsoft Windows. A remote attacker coul...

GDI+ Remote Code Execution Vulnerability

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface GDI handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or dele...

CVE-2016-3251

The GDI component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to obtain sensitive kernel-address information via a crafte...

The vulnerability of Microsoft Lync Server software allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the GDI+ component of the Microsoft Lync Attendee User program, related to the processing of specially crafted images, allows for remote execution of code when a user opens a specially crafted image. Exploiting this vulnerability enables a malicious individual to gain full...

CVE-2016-0170

GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka "Windows Graphics Component RCE...

CVE-2016-0169

GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted document, aka "Windows Graphics Component...

Microsoft Windows Security Mechanism Bypass Vulnerability (CNVD-2016-00252)

Microsoft Windows is a popular operating system. A security bypass vulnerability exists in Microsoft Windows Graphics Device Interface GDI32.dll, which can be exploited by remote attackers to bypass the ASLR protection mechanism and perform unauthorized operations...

CVE-2016-0008

The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "Windo...

CVE-2016-0008

The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "Windo...

Microsoft Graphics Device Interface Integer Overflow - Ver2 (CVE-2013-3940)

An integer overflow vulnerability has been reported in the way that the Windows Graphics Device Interface GDI processes specially crafted image files. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted Windows Write file. Successful exploitation of this...

Microsoft Windows 2000/XP GDI Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3481/info The Windows Graphics Device Interface GDI is a set of Application Programming Interfaces APIs used to display graphical output. A vulnerability exists which causes the GDI to invoke a Kernel Mode Exception due t...

Microsoft Windows Graphics Device Interface RCE Vulnerability (2876331)

This host is missing a critical security update according to Microsoft Bulletin MS13-089. OpenVAS Vulnerability Test $Id: secpodms13-089.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft Windows Graphics Device Interface RCE Vulnerability 2876331 Authors: Shashi Kiran N Copyright: Copyright C 2013...

Microsoft Windows Graphics Device Interface RCE Vulnerability (2876331)

This host is missing a critical security update according to Microsoft Bulletin MS13-089. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows Graphics Device Interface CVE-2013-3940 Remote Integer Overflow Vulnerability

Description Microsoft Windows is prone to a remote integer-overflow vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts may result in a denial-of-service condition. Technologies Affect...

Microsoft Graphics Device Interface Integer Overflow (MS13-089; CVE-2013-3901)

A remote code execution vulnerability has been reported in the Windows Graphics Device Interface GDI...

VulnCheck KEV: CVE-2008-2249

Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a malformed header in a crafted WMF file, which triggers a buffer overflow, aka "GDI Integer Overflow...