5 matches found
Microsoft GDI+ BMP整数溢出漏洞(MS08-052)
BUGTRAQ ID: 31022 CVE ID:CVE-2008-3015 CNCVE ID:CNCVE-20083015 Microsoft Windows是一款微软开发的操作系统。 Microsoft Windows GDI+子系统解析特殊构建的BMP文件存在问题,远程攻击者可以利用漏洞进行内存破坏,可导致以登录用户进程权限执行任意代码。 提供畸形的BitMapInfoHeader可导致不正确的整数计算,而在之后造成内存破坏问题,构建特殊的BMP文件,诱使用户访问,可触发此漏洞。 Microsoft Works 8.0 Microsoft Visual Studio 2003...
CVE-2008-3015
CVE-2008-3015 (GDI+ BMP Integer Overflow) describes a vulnerability in gdiplus.dll where a BMP BitMapInfoHeader with malformed data can trigger a buffer overflow, enabling remote code execution. Affected products include Office XP SP3, Office 2003 SP2/SP3, Office 2007, Visio 2002 SP2, PowerPoint ...
ZDI-08-055: Microsoft Windows GDI+ BMP Parsing Code Execution Vulnerability
ZDI-08-055: Microsoft Windows GDI+ BMP Parsing Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-055 September 9, 2008 -- CVE ID: CVE-2008-3015 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows XP Microsoft Windows Server 2008 Microsoft Windows...
MS08-052: Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
The remote host is running a version of Windows that has multiple buffer overflow vulnerabilities when viewing VML, EMF, GIF, WMF and BMP files that could allow an attacker to execute arbitrary code on the remote host. To exploit these flaws, an attacker would need to send a malformed image file ...
Microsoft Windows GDI+ BMP File Parsing Integer Overflow (MS08-052; CVE-2004-0904; CVE-2008-3015)
Bitmap BMP is an image file format used to store bitmap digital images. A remote code execution vulnerability has been discovered in the way GDI+ handles integer calculations for BMP files. The vulnerability is due to a buffer overflow when GDI+ fails to properly processes a malformed header in a...