Lucene search
K

Microsoft GDI+ WMF图像文件缓冲区溢出漏洞(MS08-052)

🗓️ 10 Dec 2008 00:00:00Reported by RootType 
seebug
 seebug
🔗 www.seebug.org👁 22 Views

Microsoft GDI+ WMF image file buffer overflow vulnerability (MS08-052). Research In Motion Blackberry Unite! 1.0.1 bundle 36, Nortel Networks Self-Service WVADS and various Microsoft Windows and Server editions are vulnerable to buffer overflow issues

Code

                                                A WMF file containing a PolyPolygon record (type 0x0538) with a count of 8192 polygons, each specifying 65535 points, is sufficient to cause a heap overflow and to crash the application that is using GDI+.

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild. 

Successfully exploiting this issue would allow an attacker to corrupt memory and execute arbitrary code in the context of the currently logged-in user.
                              

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation