11 matches found
SUSE CVE-2005-4560
The Windows Graphical Device Interface library GDI32.DLL in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile WMF format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer SHIMGVW.DLL, a different...
Windows Thumbnail View CreateSizedDIBSECTION buffer overflow
Added: 01/14/2011 CVE: CVE-2010-3970 BID: 45662 OSVDB: 70263 Background The shimgvw.dll library is part of the Microsoft Graphics Rendering Engine. Problem A vulnerability in shimgvw.dll allows command execution when Windows renders a thumbnail image which passes a specially crafted biClrUsed...
Windows Thumbnail View CreateSizedDIBSECTION buffer overflow
Added: 01/14/2011 CVE: CVE-2010-3970 BID: 45662 OSVDB: 70263 Background The shimgvw.dll library is part of the Microsoft Graphics Rendering Engine. Problem A vulnerability in shimgvw.dll allows command execution when Windows renders a thumbnail image which passes a specially crafted biClrUsed...
Windows Thumbnail View CreateSizedDIBSECTION buffer overflow
Added: 01/14/2011 CVE: CVE-2010-3970 BID: 45662 OSVDB: 70263 Background The shimgvw.dll library is part of the Microsoft Graphics Rendering Engine. Problem A vulnerability in shimgvw.dll allows command execution when Windows renders a thumbnail image which passes a specially crafted biClrUsed...
Windows Thumbnail View CreateSizedDIBSECTION buffer overflow
Added: 01/14/2011 CVE: CVE-2010-3970 BID: 45662 OSVDB: 70263 Background The shimgvw.dll library is part of the Microsoft Graphics Rendering Engine. Problem A vulnerability in shimgvw.dll allows command execution when Windows renders a thumbnail image which passes a specially crafted biClrUsed...
MS KB2490606: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution
If a remote attacker can trick a user on the affected host into opening a specially crafted bitmap file, the attacker could leverage an as-yet unpatched vulnerability in the graphics rendering engine that arises due to its failure to validate the 'biClrUsed' parameter and thereby execute arbitrar...
Microsoft Windows graphics engine thumbnail stack buffer overflow
Overview Microsoft Windows contains a stack-based buffer overflow vulnerability in the graphics rendering engine, which may allow an attacker to execute arbitrary code. Description Microsoft Windows contains a stack-based buffer overflow vulnerability caused by a signedness error in the...
Microsoft Warns Of Security Hole in Windows Graphics Engine
Microsoft issued an advisory to Windows users about a security vulnerability in a common Windows component that could be used by remote attackers to run malicious code on machines running the Windows XP, Vista and Windows Server 2003 operating systems. The company said on Tuesday that it is...
CVE-2010-3970
CVE-2010-3970 is a stack-based buffer overflow in CreateSizedDIBSECTION within shimgvw.dll (Windows Shell Graphics Processing). It is triggered by a crafted thumbnail bitmap (e.g., via a negative biClrUsed value) and can allow remote code execution. Affected products include Windows XP SP2/SP3, S...
CVE-2005-4560
The Windows Graphical Device Interface library GDI32.DLL in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile WMF format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer SHIMGVW.DLL, a different...
CVE-2005-4560
CVE-2005-4560 is a Windows GDI/WMF parsing vulnerability in GDI32.DLL that allows remote code execution via a crafted WMF image using the SETABORTPROC GDI Escape function, with SHIMGVW.DLL involved. The issue is tied to WMF/EMF processing in Windows, and public details describe arbitrary code exe...