18 matches found
CVE-2009-2500
This CVE corresponds to MS09-062: GDI+ WMF Integer Overflow Vulnerability. Affected are Microsoft GDI+ image-processing paths used by WMF, PNG, TIFF, BMP handling across Windows components and Office/Viewer products (e.g., IE6, Office suites, Visio, Project, SQL/Report Viewer, Forefront Client Se...
CVE-2009-2528
CVE-2009-2528 is a memory corruption vulnerability in GDI+ used by Microsoft Office XP/2000 when parsing Office Art Property Tables. A crafted Office document can trigger remote code execution. Microsoft Security Bulletin MS09-062 (KB957488) provides patches; apply the MS09-062 updates to remedia...
CVE-2009-3126
CVE-2009-3126 corresponds to the GDI+ PNG Integer Overflow vulnerability described in MS09-062. The issue arises from an integer overflow in GDI+ when processing PNG images, which could allow remote code execution if a user opens a specially crafted image. The vulnerability affects a wide range o...
CVE-2007-5348
The CVE-2007-5348 entry concerns an IMAGE processing vulnerability in Microsoft GDI+ that could enable remote code execution. The connected KB954593 article MS08-052 describes multiple vulnerabilities in GDI+ across Windows and Office components that could be exploited by viewing a specially craf...
CVE-2009-2501
CVE-2009-2501 describes a heap-based buffer overflow in Microsoft GDI+ when processing PNG images, enabling remote code execution via crafted PNGs. Affected software/contexts include Internet Explorer 6 SP1 on Windows XP (SP2/SP3) and various Microsoft Office components and viewers that rely on G...
CVE-2009-2502
CVE-2009-2502 is a GDI+ TIFF buffer overflow vulnerability that could allow remote code execution when processing a specially crafted TIFF image. The vulnerability affects multiple Microsoft products enabled via Internet Explorer 6 SP1, various Windows and Office suites, Viewer components, and re...
CVE-2008-3014
CVE-2008-3014 is the GDI+ WMF Buffer Overrun vulnerability. A buffer overflow in gdiplus.dll (GDI+) allows remote code execution when processing a malformed WMF image, affecting multiple Windows and Office components listed in the description (e.g., Internet Explorer 6 SP1 on various Windows vers...
CVE-2009-2504
CVE-2009-2504 corresponds to MS09-062: multiple remote code execution vulnerabilities in Windows GDI+ exposed via GDI+ APIs used by .NET Framework and Office components. The issue stems from integer overflows/buffer handling in GDI+, enabling remote code execution when rendering crafted images in...
CVE-2009-2503
CVE-2009-2503 is a GDI+ memory corruption vulnerability in Microsoft components that can be triggered by a crafted TIFF image file, enabling remote code execution. The weakness resides in how GDI+ allocates memory when processing TIFFs, affecting a wide range of Windows and Office products listed...
CVE-2011-0655
CVE-2011-0655 affects Microsoft PowerPoint and related Office components. The vulnerability arises when PowerPoint reads an invalid TimeColorBehaviorContainer Floating Point record in a PowerPoint file, with insufficient validation allowing remote code execution or memory corruption. Affected pro...
CVE-2008-3015
CVE-2008-3015 (GDI+ BMP Integer Overflow) describes a vulnerability in gdiplus.dll where a BMP BitMapInfoHeader with malformed data can trigger a buffer overflow, enabling remote code execution. Affected products include Office XP SP3, Office 2003 SP2/SP3, Office 2007, Visio 2002 SP2, PowerPoint ...
CVE-2008-3012
CVE-2008-3012 corresponds to an in-GDI+ memory allocation flaw in gdiplus.dll that could allow remote code execution when a specially crafted EMF image is viewed. Connected docs confirm this as MS08-052, addressing vulnerabilities in GDI+ across Windows and Office components (IE6, Windows XP, Ser...
CVE-2018-8281
CVE-2018-8281: A remote code execution vulnerability in Microsoft Office family (Excel Viewer, PowerPoint Viewer, Office, Word Viewer) arises when Office fails to properly handle objects in memory. Connected documents confirm the issue affects Microsoft Office Viewers and Office-related component...
CVE-2009-0224
CVE-2009-0224 is a Memory Corruption Vulnerability in Microsoft PowerPoint. It affects PowerPoint and related components across Windows and Mac platforms (PowerPoint 2000/2002/2003/2007; PowerPoint Viewer 2003/2007; PowerPoint on Mac 2004/2008; Open XML Converter for Mac; Microsoft Works 8.5/9.0;...
CVE-2011-0656
Microsoft Office PowerPoint vulnerability CVE-2011-0656 arises from improper validation of PersistDirectoryEntry records in PowerPoint documents. A Slide containing a malformed record can trigger an exception and subsequent use of a malformed object, enabling remote code execution or memory corru...
CVE-2008-0121
Microsoft PowerPoint Viewer 2003 is affected by CVE-2008-0121 due to a memory calculation error when processing certain records (invalid picture index) in PowerPoint files, leading to remote code execution via crafted presentations. iDefense and related advisories describe an out-of-bounds/ memor...
CVE-2008-0120
CVE-2008-0120 concerns Microsoft PowerPoint Viewer 2003. The issue is an integer overflow in the handling of embedded CString objects within a PowerPoint file’s picture index, leading to remote code execution if a user opens a malformed file. Technical sources (NVD, SAINT/OSVDB mirrors, and OpenV...
CVE-2008-1455
CVE-2008-1455 describes a remote code execution vulnerability in Microsoft PowerPoint caused by a memory handling flaw while parsing bullet list values in specially crafted PowerPoint files (memory calculation/parsing overflow). Affected products include PowerPoint 2000 SP3, 2002 SP3, 2003 SP2, 2...