This application requires Javascript for optimal performance.

MS.GDIPlus.Multiple.Run.Length.Zero.Code.Execution

Release Date

Oct 14, 2009

Severity

critical

Impact

System compromise.

Description

This indicates a possible attempt to exploit a buffer overwrite vulnerability in gdiplus.dll of Microsoft Windows operating system.

Affected Products

gdiplus.dll version 5.1.3102.5512

Recommended Actions

You may refer to Microsoft advisory for patches or updates:
http://www.microsoft.com/technet/security/Bulletin/ms09-062.mspx

Coverage

IPS
VCM

Common Vulnerabilities and Exposures (CVE)

CVE-2009-2503

Reference/s

http://technet.microsoft.com/en-us/security/bulletin/ms09-062.mspx (MS-ID)

Reference: VID-17818