4 matches found
Microsoft Windows Graphics Rendering Engine Code Execution (MS07-046) - Ver2 (CVE-2007-3034)
The Windows Metafile WMF is a standard Windows image file format. It consists of a set of graphics functions and parameters that describe the steps required to render an image. WMF is a 16-bit format that can contain both vector and bitmap information. A WMF file contains a main header, followed ...
Microsoft Windows GDI AttemptWrite函数远程堆溢出漏洞(MS07-046)
BUGTRAQ ID: 25302 CVECAN ID: CVE-2007-3034 Microsoft Windows是微软发布的非常流行的操作系统。 Windows的图形设备接口(GDI)的GDI32函数AttemptWrite处理Windows元文件时可能会出现整数溢出,远程攻击者可能利用此漏洞提升自己的权限。 如下反汇编所示,很多GDI32 API函数都会调用AttemptWrite,如CreateMetaFileW。 77F4B519 mov esi, ebp+0Ch ; reported size of record in bytes ... ; user-controlle...
CVE-2007-3034
Summary: CVE-2007-3034 is a remote code execution vulnerability in Microsoft Windows GDI. An integer overflow in the AttemptWrite function while processing Windows Metafiles (WMF) can cause a heap-based overflow when handling unusually large record lengths. A remote attacker could craft a WMF to ...
Microsoft GDI Windows Metafile AttemptWrite integer overflow
Overview Microsoft Windows GDI contains an integer overflow in the handling of Windows metafiles, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Windows GDI Graphics Device Interface enables applications to use graphics a...