BMP.Image.Width.Parsing.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit an Integer Overflow vulnerability in Microsoft Windows.
This vulnerability is a result of an improper boundary check condition when handling maliciously crafted BMP files. As a result, a remote attacker may be able to execute arbitrary code within the context of the application.

affected-products-logoAffected Products

Microsoft Digital Image Suite 2006
Microsoft Forefront Client Security 1.0
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 2
Microsoft Office 2003 Service Pack 3
Microsoft Office System 2007
Microsoft Office System 2007 Service Pack 1
Microsoft PowerPoint Viewer 2003
Microsoft Report Viewer 2005 Redistributable Package Service Pack 1
Microsoft Report Viewer 2008 Redistributable Package
Microsoft SQL Server 2005 Service Pack 2
Microsoft SQL Server 2005 Itanium Edition Service Pack 2
Microsoft SQL Server 2005 x64 Edition Service Pack 2
Microsoft SQL Server Reporting Services 2000 Service Pack 2
Microsoft Visio 2002 Service Pack 2
Microsoft Works 8.0

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
http://technet.microsoft.com/en-us/security/bulletin/ms08-052

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)