Lucene search
K

12 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow

No description provided by source. $Id: ms11006createsizeddibsection.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2011/03/11 11:54 a.m.37 views

Microsoft Windows Picture and Fax Viewer Library Vulnerability !

Microsoft Windows Picture and Fax Viewer Library Vulnerability ! I. BACKGROUND The Windows Picture and Fax Viewer "shimgvw.dll" library is used by Windows Explorer to generate thumbnail previews for media files. II. DESCRIPTION Remote exploitation of a buffer overflow vulnerability in multiple...

9.3CVSS8AI score0.67687EPSS
Exploits10
OpenVAS
OpenVAS
added 2011/02/09 12:0 a.m.41 views

Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)

This host is missing a critical security update according to Microsoft Bulletin MS11-006. OpenVAS Vulnerability Test $Id: secpodms11-006.nasl 5362 2017-02-20 12:46:39Z cfi $ Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution 2483185 Authors: Madhuri D Copyright:...

9.3CVSS0.7AI score0.67687EPSS
Exploits10References3
Metasploit
Metasploit
added 2011/02/08 11:31 p.m.40 views

MS11-006 Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow

This module exploits a stack-based buffer overflow in the handling of thumbnails within .MIC files and various Office documents. When processing a thumbnail bitmap containing a negative 'biClrUsed' value, a stack-based buffer overflow occurs. This leads to arbitrary code execution. In order to...

9.3CVSS8AI score0.67687EPSS
Exploits10
Circl
Circl
added 2011/02/08 12:0 a.m.18 views

CVE-2010-3970

creationtimestamp| type| source ---|---|--- 2011-02-08 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16660 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/ms11006createsizeddibsection.rb 2025-02-06...

9.3CVSS5.9AI score0.67687EPSS
Exploits10References2
Tenable Nessus
Tenable Nessus
added 2011/02/08 12:0 a.m.45 views

MS11-006: Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)

If a remote attacker can trick a user on the affected host into opening a specially crafted bitmap file, a vulnerability in the graphics rendering engine that arises due to its failure to validate the 'biClrUsed' parameter could be leveraged to execute arbitrary code on the host subject to the...

9.3CVSS6.1AI score0.67687EPSS
Exploits10References2
Saint
Saint
added 2011/01/14 12:0 a.m.39 views

Windows Thumbnail View CreateSizedDIBSECTION buffer overflow

Added: 01/14/2011 CVE: CVE-2010-3970 BID: 45662 OSVDB: 70263 Background The shimgvw.dll library is part of the Microsoft Graphics Rendering Engine. Problem A vulnerability in shimgvw.dll allows command execution when Windows renders a thumbnail image which passes a specially crafted biClrUsed...

9.3CVSS6.3AI score0.67687EPSS
Exploits10
Saint
Saint
added 2011/01/14 12:0 a.m.31 views

Windows Thumbnail View CreateSizedDIBSECTION buffer overflow

Added: 01/14/2011 CVE: CVE-2010-3970 BID: 45662 OSVDB: 70263 Background The shimgvw.dll library is part of the Microsoft Graphics Rendering Engine. Problem A vulnerability in shimgvw.dll allows command execution when Windows renders a thumbnail image which passes a specially crafted biClrUsed...

9.3CVSS6.3AI score0.67687EPSS
Exploits10
Saint
Saint
added 2011/01/14 12:0 a.m.29 views

Windows Thumbnail View CreateSizedDIBSECTION buffer overflow

Added: 01/14/2011 CVE: CVE-2010-3970 BID: 45662 OSVDB: 70263 Background The shimgvw.dll library is part of the Microsoft Graphics Rendering Engine. Problem A vulnerability in shimgvw.dll allows command execution when Windows renders a thumbnail image which passes a specially crafted biClrUsed...

9.3CVSS6.3AI score0.67687EPSS
Exploits10
CERT
CERT
added 2011/01/05 12:0 a.m.36 views

Microsoft Windows graphics engine thumbnail stack buffer overflow

Overview Microsoft Windows contains a stack-based buffer overflow vulnerability in the graphics rendering engine, which may allow an attacker to execute arbitrary code. Description Microsoft Windows contains a stack-based buffer overflow vulnerability caused by a signedness error in the...

9.3CVSS7.1AI score0.67687EPSS
Exploits10References2
Cvelist
Cvelist
added 2010/12/22 8:0 p.m.41 views

CVE-2010-3970

Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor aka graphics rendering engine in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary...

7.8AI score0.67687EPSS
Exploits10References11
CVE
CVE
added 2010/12/22 8:0 p.m.81 views

CVE-2010-3970

CVE-2010-3970 is a stack-based buffer overflow in CreateSizedDIBSECTION within shimgvw.dll (Windows Shell Graphics Processing). It is triggered by a crafted thumbnail bitmap (e.g., via a negative biClrUsed value) and can allow remote code execution. Affected products include Windows XP SP2/SP3, S...

9.3CVSS7.9AI score0.67687EPSS
Exploits10References11Affected Software4
Rows per page
Query Builder