CVE-2011-0041

2011-04-13 20:55:01 2019-02-26 15:04:00

Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF image, aka "GDI+ Integer Overflow Vulnerability."

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Microsoft Windows server 2008 Sp2 X32 (not an official CPE) Microsoft Windows Server 2008 Service Pack 2 x64 (64-bit) Microsoft Windows Server 2008 Service Pack 2 for Itanium-Based Systems Microsoft Windows Vista Service Pack 1 Microsoft Windows Vista Service Pack 1 x64 (64-bit) Microsoft Windows Vista Service Pack 2 Microsoft Windows Vista Service Pack 2 x64 (64-bit) Microsoft Windows XP Service Pack 3 Microsoft Windows XP Service Pack 2 x64 (64-bit) Microsoft Windows server 2008 X32 (not an official CPE) Microsoft Windows Server 2008 x64 (64-bit) Microsoft Windows Server 2008 Itanium Microsoft Windows Server 2003 Service Pack 2 Microsoft Windows 2003 Server Service Pack 2

Microsoft Office XP Service Pack 3

Microsoft - Windows server 2008 Microsoft - Windows vista Microsoft - Windows xp Microsoft - Windows server 2003 Microsoft - Windows 2003 server Microsoft - Office

Advisory	Patch	Confirmed	Link
			TA11-102A
			MS11-029

KB2412687 | MS11-029 - Vulnerability in GDI+ Could Allow Remote Code Execution KB2509461 | MS11-029 - Vulnerability in GDI+ Could Allow Remote Code Execution

CVE-2011-0041

2011-04-13 20:55:01 2019-02-26 15:04:00

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)