OSVDB ID: 44214

Title: Microsoft Windows GDI WMF Handling CreateDIBPatternBrushPt Function Overflow

Info

Disclosure
Apr 08, 2008

Discovery
Unknown

Dates

Exploit
Unknown

Solution
Apr 08, 2008

Description

 A buffer overflow exists in Windows. GDI fails to validate EMF and WMF image files resulting in a buffer overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

 Location: Local Access Required, Remote / Network Access, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Private, Exploit Unknown
Disclosure: Vendor Verified, Third-party Verified

Solution

 Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation

Windows

 XP SP2
2003 Server SP1
2003 Server SP2
2003 Server x64
2000 SP4
Vista
Vista SP1
Vista x64
2008 Server
XP Pro x64
2003 Server x64 SP2
2003 Server for Itanium SP2
XP Pro x64 SP2
Vista x64 SP1
2003 Server for Itanium SP1

References

Credit
  • Jun Mao - iDefense Labs
  • Sebastian Apelt - webmasterbuzzworld.org -
  • Thomas Garnier - SkyRecon
  • Yamata Li - Palo Alto Networks


Direct URL: http://osvdb.org/44214