2008-09-11 03:11:47 2018-10-12 23:47:53

Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka "GDI+ BMP Integer Overflow Vulnerability."

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE
KB938464 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB947736 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB947737 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB947738 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB947739 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB947742 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB947746 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB947748 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB952241 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB953405 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB954326 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB954478 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB954479 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB954593 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB954606 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB954607 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB954609 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB954765 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB954766 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB955368 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB955369 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB955370 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB955992 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB956483 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB956500 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB957177 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB975337 | MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution