Lucene search
K

74 matches found

Check Point Advisories
Check Point Advisories
added 2010/01/31 12:0 a.m.38 views

Microsoft Windows GDI+ PNG Processing Integer Overflow (MS09-062; CVE-2009-3126)

The Windows Graphics Rendering Engine is implemented via the Graphics Device Interface GDI subsystem. GDI is a Microsoft standard for representing graphical objects and outputting these representations to devices such as monitors and printers. GDI is capable of representing vector graphics, drawi...

9.3CVSS9.8AI score0.23461EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2009/12/13 12:0 a.m.22 views

Microsoft WMF File Polypolygon Function Buffer Overflow (MS06-026; CVE-2006-2376)

Microsoft Windows Metafile Format WMF is a proprietary standard for representing graphical objects, mainly vector based graphic. WMF is capable of representing drawing lines, polygons, curves, and fonts. A vulnerability has been discovered in the Graphics Rendering Engine GRE component of Microso...

7.5CVSS7.1AI score0.41098EPSS
Exploits0
Saint
Saint
added 2009/05/25 12:0 a.m.32 views

Windows GDI Privilege Elevation

Added: 05/25/2009 CVE: CVE-2006-5758 BID: 20940 OSVDB: 30214 Background The Graphics Rendering Engine in Microsoft Windows 2000 and Windows XP maps GDI Kernel structures on a global shared memory section that is created with insecure permissions. Problem Users with local access can remap the shar...

7.2CVSS6.2AI score0.06325EPSS
Exploits6
Saint
Saint
added 2009/05/25 12:0 a.m.31 views

Windows GDI Privilege Elevation

Added: 05/25/2009 CVE: CVE-2006-5758 BID: 20940 OSVDB: 30214 Background The Graphics Rendering Engine in Microsoft Windows 2000 and Windows XP maps GDI Kernel structures on a global shared memory section that is created with insecure permissions. Problem Users with local access can remap the shar...

7.2CVSS6.2AI score0.06325EPSS
Exploits6
VulnCheck KEV
VulnCheck KEV
added 2008/09/26 12:0 a.m.5 views

VulnCheck KEV: CVE-2006-5758

The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a...

7.2CVSS5.8AI score0.06325EPSS
Exploits6References1
securityvulns
securityvulns
added 2008/08/13 12:0 a.m.48 views

ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption

ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption http://www.zerodayinitiative.com/advisories/ZDI-08-049 August 12, 2008 -- CVE ID: CVE-2008-3021 -- Affected Vendors: Microsoft -- Affected Products: Microsoft File Format Vulnerability -- TippingPointTM IPS Customer...

9.3CVSS0.5AI score0.35905EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2008/08/12 12:0 a.m.42 views

Microsoft Windows Graphics Rendering Engine PICT Heap Corruption Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the handling of PICT images in an office document. D...

9.3CVSS2.7AI score0.35905EPSS
Exploits1References1
securityvulns
securityvulns
added 2008/04/09 12:0 a.m.59 views

iDefense Security Advisory 04.08.08: Microsoft Windows Graphics Rendering Engine Integer Overflow Vulnerability

iDefense Security Advisory 04.08.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 08, 2008 I. BACKGROUND Microsoft Windows graphics device interface GDI is the core library used to display graphics and text on the Windows operating system. It is the standard interface through which...

9.3CVSS8.3AI score0.57102EPSS
Exploits1
NVD
NVD
added 2007/08/14 9:17 p.m.23 views

CVE-2007-3034

Integer overflow in the AttemptWrite function in Graphics Rendering Engine GDI on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile image with a large record length value, which triggers a heap-based buffer overflow...

9.3CVSS7.8AI score0.54749EPSS
Exploits1References9
Cvelist
Cvelist
added 2007/08/14 9:0 p.m.23 views

CVE-2007-3034

Integer overflow in the AttemptWrite function in Graphics Rendering Engine GDI on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile image with a large record length value, which triggers a heap-based buffer overflow...

7.7AI score0.54749EPSS
Exploits1References9
securityvulns
securityvulns
added 2007/08/14 12:0 a.m.64 views

Microsoft Security Bulletin MS07-046 - Critical Vulnerability in GDI Could Allow Remote Code Execution (938829)

Microsoft Security Bulletin MS07-046 - Critical Vulnerability in GDI Could Allow Remote Code Execution 938829 Published: August 14, 2007 Version: 1.0 General Information Executive Summary This critical security update resolves a privately reported vulnerability. A remote code execution...

9.3CVSS2.2AI score0.54749EPSS
Exploits1
Cvelist
Cvelist
added 2007/04/04 4:0 p.m.33 views

CVE-2006-5586

The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid Window Size Elevation of Privilege Vulnerability."...

6.5AI score0.02884EPSS
Exploits0References6
CVE
CVE
added 2007/04/04 4:0 p.m.56 views

CVE-2006-5586

CVE-2006-5586 is a GDI-based local privilege-elevation vulnerability in the Graphics Rendering Engine of Microsoft Windows 2000 SP4 and Windows XP SP2 (and related Windows variants). The flaw stems from processing invalid application window sizes when rendering layered windows, allowing a logged-...

7.2CVSS6.5AI score0.02884EPSS
Exploits0References6Affected Software2
Symantec
Symantec
added 2007/04/03 12:0 a.m.19 views

Microsoft Windows Graphics Rendering Engine GDI Local Privilege Escalation Vulnerability

Description Microsoft Windows Graphics Rendering Engine is prone to local privilege-escalation vulnerability. Successful exploits may result in a complete compromise of affected computers. Technologies Affected Avaya Customer Interaction Express CIE Server 1.0 Avaya Customer Interaction Express C...

0.1AI score
Exploits0References1Affected Software6
NVD
NVD
added 2006/11/06 8:7 p.m.32 views

CVE-2006-5758

The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a...

7.2CVSS6.3AI score0.06325EPSS
Exploits6References12
Cvelist
Cvelist
added 2006/11/06 8:0 p.m.35 views

CVE-2006-5758

The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a...

6.2AI score0.06325EPSS
Exploits6References12
CVE
CVE
added 2006/11/06 8:0 p.m.66 views

CVE-2006-5758

CVE-2006-5758 is a local elevation of privilege vulnerability in the Windows Graphics Rendering Engine (GDI) across Windows 2000 SP4 and Windows XP SP2. The underlying issue is how GDI Kernel structures are mapped into a global shared memory section created with insecure permissions: the section ...

7.2CVSS6.2AI score0.06325EPSS
Exploits6References12Affected Software2
CVE
CVE
added 2006/09/19 7:0 p.m.86 views

CVE-2006-4868

CVE-2006-4868: A stack-based buffer overflow in VGX.dll (VML processing) used by Microsoft Outlook and Internet Explorer on Windows XP SP2 enables remote code execution via a crafted VML rect tag with a long fill parameter. Affected: Internet Explorer/VML handling. Impact per sources: arbitrary c...

9.3CVSS7.7AI score0.62149EPSS
Exploits7References21Affected Software2
securityvulns
securityvulns
added 2006/07/14 12:0 a.m.52 views

SYMSA-2006-004 (Full Details): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID : SYMSA-2006-004 Advisory Title: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution Author : Peter Ferrie / [email protected]...

7.5CVSS0.1AI score0.41098EPSS
Exploits0
securityvulns
securityvulns
added 2006/06/14 12:0 a.m.61 views

SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID : SYMSA-2006-004 Advisory Title: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution Author : Peter Ferrie / [email protected]...

7.5CVSS0.4AI score0.41098EPSS
Exploits0
Rows per page
Query Builder