OSVDB ID: 44213

Title: Microsoft Windows GDI (gdi32.dll) EMF File Handling Multiple Overflows

Info

Disclosure
Apr 08, 2008

Discovery
Dec 17, 2008

Dates

Exploit
Unknown

Solution
Apr 08, 2008

Description

 A heap overflow overflow exists in Windows. gdi32.dll fails to validate EMF files resulting in a heap overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

 Location: Local Access Required, Remote / Network Access, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public, Exploit Private
Disclosure: Vendor Verified

Solution

 Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation

Windows

 XP SP2
XP Pro x64
2003 Server x64
2000 SP4
Vista
2003 Server for Itanium
2003 Server SP1
Vista SP1
2008 Server
Vista x64 SP1
2003 Server x64 SP2
2003 Server for Itanium SP2
XP Pro x64 SP2
Vista x64

References

Credit
  • Jun Mao - iDefense Labs


Direct URL: http://osvdb.org/44213