Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: Windows, Office, several vulnerabilities of GDI

September 2008 by Vigil@nce

SYNTHESIS

A local or remote attacker can create malicious programs or images
in order to generate a denial of service or code execution on
victim’s computer.

Gravity: 4/4

Consequences: user access/rights, denial of service of computer

Provenance: document

Means of attack: no proof of concept, no attack

Ability of attacker: expert (4/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: high (3/3)

Number of vulnerabilities in this bulletin: 5

Creation date: 10/09/2008

Identifier: VIGILANCE-VUL-8097

IMPACTED PRODUCTS

 Microsoft Access [confidential versions]
 Microsoft Excel [confidential versions]
 Microsoft Internet Explorer [confidential versions]
 Microsoft Outlook [confidential versions]
 Microsoft PowerPoint [confidential versions]
 Microsoft Project [confidential versions]
 Microsoft Publisher [confidential versions]
 Microsoft SQL Server [confidential versions]
 Microsoft Visio [confidential versions]
 Microsoft Visual Studio [confidential versions]
 Microsoft Windows 2003 [confidential versions]
 Microsoft Windows 2008
 Microsoft Windows Vista [confidential versions]
 Microsoft Windows XP [confidential versions]
 Microsoft Word [confidential versions]
 SharePoint Team Services [confidential versions]

DESCRIPTION

Several vulnerabilities impact GDI+ (Graphics Device Interface,
gdiplus.dll).

The VML (Vector Markup Language) format is used to represent
vectorial images in a XML format. An attacker can create a VML
file indicating an invalid gradient in order to generate an
integer overflow leading to a memory corruption. [grav:4/4;
BID-31018, CVE-2007-5348]

An attacker can create a malicious EMF (Enhanced Metafile) file in
order to corrupt the memory. [grav:4/4; BID-31019, CVE-2008-3012]

An attacker can create a malicious WMF file generating an
allocation error, leading to a buffer overflow. [grav:4/4;
BID-31021, CVE-2008-3014]

An attacker can create a GIF image with a malicious data extension
in order to corrupt the memory. [grav:4/4; BID-31020,
CVE-2008-3013]

An attacker can create a BMP image with a malicious
BitMapInfoHeader header in order to corrupt the memory. [grav:4/4;
BID-31022, CVE-2008-3015]

A local or remote attacker can therefore create malicious programs
or images in order to generate a denial of service or code
execution on victim’s computer.

CHARACTERISTICS

Identifiers: 954593, BID-31018, BID-31019, BID-31020, BID-31021,
BID-31022, CVE-2007-5348, CVE-2008-3012, CVE-2008-3013, CVE-2008-3014, CVE-2008-3015, MS08-052, VIGILANCE-VUL-8097

https://vigilance.aql.fr/tree/1/8097


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts