Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows color management system memory corruption
updated since 12.08.2008
Published:13.08.2008
Source:
SecurityVulns ID:9218
Type:library
Threat Level:
7/10
Description:Memory corruption on ICCM management.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2008-2245 (Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability (13.08.2008)
 documentZDI, ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption (13.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-046 – Critical Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954) (12.08.2008)
Files:Microsoft Security Bulletin MS08-046 – Critical Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod