Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows GDI code execution
updated since 14.08.2007
Published:14.08.2007
Source:
SecurityVulns ID:8043
Type:library
Threat Level:
10/10
Description:Heap buffer overflow on Windows metafiles parsing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2007-3034 (Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow.)
Original documentdocumentEEYE, EEYE: Windows Metafile AttemptWrite Heap Overflow (15.08.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-046 - Critical Vulnerability in GDI Could Allow Remote Code Execution (938829) (14.08.2007)
Files:icrosoft Security Bulletin MS07-046 - Critical Vulnerability in GDI Could Allow Remote Code Execution (938829)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod