28 matches found
EUVD-2017-3452
Malware in sbrugna...
CVE-2017-11852
CVE-2017-11852 affects the Windows GDI component in Windows 7 SP1, Windows Server 2008 SP2, and Windows Server 2008 R2 SP1. The vulnerability arises from improper disclosure of kernel memory addresses by the GDI component, enabling a logged-on attacker to execute a specially crafted application t...
Microsoft GDI+ - 'gdiplus!GetRECTSForPlayback' Out-of-Bounds Read (MS17-013)
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1042 We have encountered a crash in the Windows GDI+ library, in the gdiplus!GetRECTSForPlayback function, while trying to display a malformed EMF+ image file: --- 6be8.6f1c: Access violation - code c0000005 first chance First chan...
Microsoft GDI+ CVE-2012-0165 EMF Image Processing Remote Code Execution Vulnerability
Description Microsoft GDI+ is prone to a remote code-execution vulnerability that occurs when an application using the library tries to process a specially crafted Enhanced Metafile EMF image. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently...
Microsoft Windows GDI+ Record Type Code Execution (MS12-034; CVE-2012-0165)
A remote code execution vulnerability has been reported in Microsoft GDI+...
Microsoft GDI+ CVE-2012-0167 EMF Image Processing Buffer Overflow Vulnerability
Description Microsoft GDI+ is prone to a remote heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code with the privileges of the...
Microsoft Windows GDI+ EMF Heap Overflow (MS12-034; CVE-2012-0167)
A remote code execution vulnerability has been reported in Microsoft GDI+...
Microsoft GDI+ EMF Image Processing Integer Overflow (MS11-029; CVE-2011-0041)
GDI+ is a graphics device interface that provides two-dimensional vector graphics, imaging, and typography to applications and programmers. An integer overflow vulnerability has been discovered in the way that GDI+ handles integer calculations. The vulnerability is caused by a memory corruption...
Microsoft GDI+ EMF Image Processing Integer Overflow Memory Corruption Vulnerability
Description Microsoft GDI+ is prone to a remote memory-corruption vulnerability that occurs when an application that uses the library tries to process a specially crafted Enhanced Metafile EMF image file. An attacker can exploit this issue to execute arbitrary code with the privileges of the...
Microsoft GDI+ Malformed Office BMP File Integer Overflow Remote Code Execution Vulnerability
Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes BMP files in Microsoft Office documents. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user...
Microsoft GDI+ TIFF Buffer Overflow (MS09-062; CVE-2009-2502)
The Microsoft Windows graphics device interface GDI enables applications to use graphics and formatted text on the video display and on the printer. A remote code execution vulnerability has been discovered in the way that GDI+ allocates memory. The vulnerability is due to an error when GDI+ fail...
Microsoft GDI+ Malformed Office Object Memory Corruption Remote Code Execution Vulnerability
Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes Microsoft Office objects. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit...
Microsoft GDI Plugin - '.png' Infinite Loop Denial of Service (PoC)
!/usr/bin/perl CALgdiplugpoc.pl MircosoftgdiplugpnginfinityloopD.o.S POC by Code Audit Labs public 2009-04-17 http://www.vulnhunt.com/ Affected ======== test on full updated winxp sp3 other version should be affected CVE: please assign to a CVE number DESCRIPTION =========== The vulnerability...
Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC
Exploit for unknown platform in category dos / poc ============================================================= Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC ============================================================= ! /usr/bin/perl CALgdiplugpoc.pl...
Microsoft GDI+ GIF File Parsing Remote Code Execution Vulnerability
Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly parses GIF image files. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may...
Microsoft GDI+ BMP Integer Overflow Vulnerability
Description Microsoft GDI+ is prone to an integer-overflow vulnerability. An attacker can exploit this issue by enticing unsuspecting users to view a malicious BMP file. Successfully exploiting this issue allows remote attackers to corrupt memory and execute arbitrary code in the context of the...
Microsoft GDI Windows Metafile AttemptWrite integer overflow
Overview Microsoft Windows GDI contains an integer overflow in the handling of Windows metafiles, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Windows GDI Graphics Device Interface enables applications to use graphics a...
CSIS Advisory: Microsoft GDI+ Integer division by zero flaw handling .ICO files
CSIS Security Group has discovered an "Integer division by zero" flaw in the GDI+ component in Windows XP. This condition are activated when a malformed ICO file are viewed through either Windows Explorer or other components like "Windows Picture and Fax Viewer". The consequence of this flaw is a...
MS Windows GDI+ ICO File Remote Denial of Service Exploit
No description provided by source. Author : kad Mail : kadathighsecudotcom Site : http://www.highsecu.com highsecu.ico - Microsoft GDI+ Integer division by zero flaw handling .ICO files http://www.milw0rm.com/sploits/06072007-CVE-2007-2237.zip sebug.net...
CVE-2007-1215
Buffer overflow in the Graphics Device Interface GDI in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images...