This application requires Javascript for optimal performance.

MS.GDIPLUS.BMP.Width.Parsing.Remote.Code.Execution

Release Date Nov 04, 2011
Severity high
Impact System Compromise: Remote attackers can gain control of vulnerable systems
Description This indicates an attack attempt to exploit an Integer Overflow vulnerability in Microsoft Windows. This vulnerability is a result of an improper boundary check condition when handling maliciously crafted BMP files. As a result, a remote attacker may be able to execute arbitrary code within the context of the application.
Affected Products Microsoft Digital Image Suite 2006 Microsoft Forefront Client Security 1.0 Microsoft Office XP Service Pack 3 Microsoft Office 2003 Service Pack 2 Microsoft Office 2003 Service Pack 3 Microsoft Office System 2007 Microsoft Office System 2007 Service Pack 1 Microsoft PowerPoint Viewer 2003 Microsoft Report Viewer 2005 Redistributable Package Service Pack 1 Microsoft Report Viewer 2008 Redistributable Package Microsoft SQL Server 2005 Service Pack 2 Microsoft SQL Server 2005 Itanium Edition Service Pack 2 Microsoft SQL Server 2005 x64 Edition Service Pack 2 Microsoft SQL Server Reporting Services 2000 Service Pack 2 Microsoft Visio 2002 Service Pack 2 Microsoft Works 8.0
Recommended Actions Apply the most recent upgrade or patch from the vendor. http://technet.microsoft.com/en-us/security/bulletin/ms08-052
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2008-3015 CVE-2004-0904
Reference/s http://technet.microsoft.com/en-us/security/bulletin/MS08-052.mspx (MS-ID) http://www.securityfocus.com/bid/11171 (BugTraq)

Reference: VID-29901

Current Threat Level

Vulnerabilities

Virus/Spyware

Spam

PGP Keys

Contact Form

Copyright © 2012 Fortinet Inc. All Rights Reserved