Windows gdi32.dll heap-based out-of-bounds reads / memory disclosure (CVE-2017-0038)

In issue 757, I described multiple bugs related to the handling of DIBs Device Independent Bitmaps embedded in EMF records, as implemented in the user-mode Windows GDI library gdi32.dll. As a quick reminder, the DIB-embedding records follow a common scheme: they include four fields, spots denotin...

Design/Logic Flaw

gdi32.dll in Graphics Device Interface GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process heap...

Microsoft Windows gdi32.dll - EMR_SETDIBITSTODEVICE Heap-Based Out-of-Bounds Reads Exploit

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=992 In issue 757, I described multiple bugs related to the handling of DIBs Device Independent Bitmaps embedded in EMF records, as implemented in the user-mode Windows GDI library...

Microsoft Windows - gdi32.dll EMR_SETDIBITSTODEVICE Heap Out-of-Bounds Reads Memory Disclosure

Microsoft Windows - gdi32.dll EMRSETDIBITSTODEVICE Heap Out-of-Bounds Reads Memory Disclosure Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=992 In issue 757, I described multiple bugs related to the handling of DIBs Device Independent Bitmaps embedded in EMF records, as...

Microsoft Windows - 'gdi32.dll' EMR_SETDIBITSTODEVICE Heap Out-of-Bounds Reads / Memory Disclosure

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=992 In issue 757, I described multiple bugs related to the handling of DIBs Device Independent Bitmaps embedded in EMF records, as implemented in the user-mode Windows GDI library gdi32.dll. As a quick reminder, the DIB-embedding...