2 matches found
Microsoft Windows GDI+ .NET API Remote Code Execution (MS09-062; CVE-2009-2504)
A remote code execution vulnerability has been discovered in the Microsoft Windows GDI .NET API. The vulnerability is a result of an integer overflow in certain GDI+ APIs that are accessible from .NET Framework applications. A remote attacker may trigger this issue by convincing a user to open a...
CVE-2009-2504
CVE-2009-2504 corresponds to MS09-062: multiple remote code execution vulnerabilities in Windows GDI+ exposed via GDI+ APIs used by .NET Framework and Office components. The issue stems from integer overflows/buffer handling in GDI+, enabling remote code execution when rendering crafted images in...