Microsoft GDIPlus Library File Integer Overflow Vulnerability

This host is having GDIPlus Library and is prone to Integer Overflow Vulnerability. OpenVAS Vulnerability Test $Id: gbgdiplusintoverflowvuln.nasl 5369 2017-02-20 14:48:07Z cfi $ Microsoft GDIPlus Library File Integer Overflow Vulnerability Authors: Sujit Ghosal Copyright c 2009 Greenbone Networks...

Microsoft Windows GDI+库GPFont::SetData()函数单字节溢出漏洞

BUGTRAQ ID: 34250 CVECAN ID: CVE-2009-1217 Microsoft Windows是微软发布的非常流行的操作系统。 Windows的GDI+函数库（gdiplus.dll）的GPFont::SetData函数中存在单字节溢出漏洞。如果用户受骗打开了 EmfPlusFontObject记录中设置有特制字体长度值的EMF图形的话，就可以触发这个溢出，导致使用该库的应用程序崩溃。以下是 Windows XP中的有漏洞代码段： define FamilyNameMax 32 ... WCHAR familyNameFamilyNameMax;...

Integer overflow

Off-by-one error in the GpFont::SetData function in gdiplus.dll in Microsoft GDI+ on Windows XP allows remote attackers to cause a denial of service stack corruption and application termination via a crafted EMF file that triggers an integer overflow, as demonstrated by voltage-exploit.emf, aka t...

CVE-2009-1217

Off-by-one error in the GpFont::SetData function in gdiplus.dll in Microsoft GDI+ on Windows XP allows remote attackers to cause a denial of service stack corruption and application termination via a crafted EMF file that triggers an integer overflow, as demonstrated by voltage-exploit.emf, aka t...