Microsoft Windows GDIplus PNG Chunk Processing Integer Overflow (MS09-062; CVE-2009-2501; CVE-2013-1331)
An integer overflow vulnerability exists in Microsoft Windows GDI+. The vulnerability is due to lack of input validation when Microsoft Windows GDI+ handles PNG files. A remote attacker can exploit this vulnerability by enticing the target to open a specially crafted PNG file. Successful...