Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF image, aka "GDI+ Integer Overflow Vulnerability."
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Microsoft Windows server 2008 Sp2 X32 (not an official CPE)
Microsoft Windows Server 2008 Service Pack 2 x64 (64-bit)
Microsoft Windows Server 2008 Service Pack 2 for Itanium-Based Systems
Microsoft Windows Vista Service Pack 1
Microsoft Windows Vista Service Pack 1 x64 (64-bit)
Microsoft Windows Vista Service Pack 2
Microsoft Windows Vista Service Pack 2 x64 (64-bit)
Microsoft Windows XP Service Pack 3
Microsoft Windows XP Service Pack 2 x64 (64-bit)
Microsoft Windows server 2008 X32 (not an official CPE)
Microsoft Windows Server 2008 x64 (64-bit)
Microsoft Windows Server 2008 Itanium
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows 2003 Server Service Pack 2