PT-2009-4920 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 Description: The issue arises from the Graphics Device Interface GDI in the kernel not properly...

PT-2009-4909 · Microsoft · 2007 Microsoft Office System +26

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer 6 SP1 Windows XP SP2 and SP3 Office XP SP3 Office 2003 SP3 2007 Microsoft Office System SP1 and SP2 Office Project 2002 SP1 Visio 2002 SP2 Office Word Viewer Word Viewer 2003 Gold and SP3 Office Excel Viewer 2003...

CVE-2008-7107

easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service crash via a crafted IOCTL 0x222003 request to the \.\easdrv device interface...

Update Protection against Microsoft Windows GDIplus GpFont.SetData Integer Overflow

A vulnerability has been reported in Microsoft Windows Graphics Device Interface GDI. GDI is a Microsoft standard for representing graphical objects and outputting these representations to devices such as monitors and printers. The vulnerability occurs when an application that uses the affected...

Input validation

The graphics device interface GDI implementation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate input received from user mode, which allows remote attackers to execute arbitrary code via a crafte...

PT-2009-2781 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue arises from the improper validation of input received from user mode by the graphics device interface GDI implementation in the kernel. This allows remote attackers ...

[SECURITY] Fedora 9 Update: dahdi-tools-2.0.0-1.fc9

DAHDI stands for Digium Asterisk Hardware Device Interface. This package contains the userspace tools to configure the DAHDI kernel modules. DAHDI is the replacement for Zaptel, which must be renamed due to trademark issues...

PT-2008-3744 · Microsoft · Wmf +2

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to an integer overflow in GDI, allowing remote attackers to execute arbitrary code via a malformed header in a crafted WMF file. This triggers a buffer...

Workaround for Microsoft GDI WMF Heap Overflow Vulnerability (MS08-071)

A remote code execution vulnerability has been discovered in the way GDI handles file size parameters in WMF files. The Microsoft Windows graphics device interface GDI enables applications to use graphics and formatted text on the video display and on the printer. A remote attacker may trigger th...

CVE-2008-0322

The I2O Utility Filter driver i2omgmt.sys 5.1.2600.2180 for Microsoft Windows XP sets Everyone/Write permissions for the "\.\I2OExc" device interface, which allows local users to gain privileges. NOTE: this issue can be leveraged to overwrite arbitrary memory and execute code via an IOCTL call...

PT-2008-1956 · Microsoft · Windows Xp

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP Description: The issue allows local users to gain privileges by exploiting the I2O Utility Filter driver, which sets Everyone/Write permissions for the ".I2OExc" device interface. This can be leveraged to overwrite...

Microsoft Windows GDI EMF Image File Handling Stack Overflow (MS08-021; CVE-2008-1087)

A remote code execution vulnerability has been reported in the way Microsoft GDI handles the filename parameter in EMF files. The Microsoft Windows graphics device interface GDI enables applications to use graphics and formatted text on the video display and on the printer. EMF is a image format...

PT-2008-2681 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4 through Server 2008 Description: A heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed...

PT-2007-3574 · Microsoft · Windows Gdi

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Graphics Device Interface GDI+ affected versions not specified Description: The issue allows context-dependent attackers to cause a denial of service crash via an ICO file with an InfoHeader containing a Height of zero. This...

CVE-2007-1215

Buffer overflow in the Graphics Device Interface GDI in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images...

CVE-2007-1212

Buffer overflow in the Graphics Device Interface GDI in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile EMF image format file...

Buffer overflow

Buffer overflow in the Graphics Device Interface GDI in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile EMF image format file...

Trend Micro Anti-Rootkit Common Module fails to properly restrict access to the "\\.\TmComm" DOS device interface

Overview A vulnerability exists in Trend Micro's Anti-Rootkit Common Module that may allow a local attacker to gain elevated privileges. Description Trend Micro AntiVirus is a virus scanner for Microsoft Windows and Linux. The Trend Micro Anti-Rootkit Common Module is included with Trend Micro...

Trend Micro Anti-Rootkit Common Module fails to properly validate input

Overview A vulnerability exists in Trend Micro Anti-Rootkit Common Module that may allow a local attacker to gain elevated privileges. Description Trend Micro AntiVirus is a virus scanner for Microsoft Windows and Linux. The Trend Micro Anti-Rootkit Common Module is included with TrendMicro...

Microsoft Windows图形设备接口附加库拒绝服务漏洞

Microsoft Windows是一款流行的操作系统。 Microsoft Windows图形社诶接口附加库处理畸形图象文件存在问题，远程攻击者可以利用漏洞可对系统进行拒绝服务攻击。 问题存在于Windows GDI+库'gdiplus.dll'中，构建恶意的图象文件，诱使用户打开，可导致系统崩溃。 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP...