CVE-2009-2528
https://notcve.org/view.php?id=CVE-2009-2528
GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability." GDI+ en Microsoft Office XP SP3 no maneja adecuadamente los objetos mal formados en Office Art Property Tables, lo que permite a atacantes remotos ejecutar código de su elección a través de un documento de Office manipulado que provoca una corrupción de memoria, "también conocida como vulnerabilidad de corrupción de memoria". • http://www.us-cert.gov/cas/techalerts/TA09-286A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6426 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2009-3126
https://notcve.org/view.php?id=CVE-2009-3126
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability." Desbordamiento de entero en GDI+ en Microsoft Internet Explorer v6 SP1, Windows XP SP2 y SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 y SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold y SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, y SP2, Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP1 y SP2, Expression Web, Expression Web v2, Groove 2007 Gold y SP1, Works v8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 y SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold y SP1, y Forefront Client Security v1.0 permite a atacantes remotos ejecutar código arbitrario a través de una fichero de imagen PNG manipulada, también conocido como "Vulnerabilidad de desbordamiento de entero GDI+ PNG" • http://www.us-cert.gov/cas/techalerts/TA09-286A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6134 • CWE-189: Numeric Errors •
CVE-2009-2503 – Microsoft Windows GDI+ TIFF Parsing Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-2503
GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability." GDI+ en Microsoft Internet Explorer v6 SP1, Windows XP SP2 y SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 y SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold y SP3, Office Excel Viewer 2003 Gold y SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, y SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 y SP2, Expression Web, Expression Web v2, Groove 2007 Gold y SP1, Works v8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 y SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold y SP1, y Forefront Client Security v1.0 no localiza adecuadamente un búfer sin especificar, lo que permite a atacantes remotos ejecutar código arbitrario a través de un fichero de imagen TIFF que inicia una corrupción de memoria, también conocido como "Vulnerabilidad de corrupción de memoria GDI+ TIFF" This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a user must open a malicious image file or browse to a malicious website. The specific flaws exist in the GDI+ subsystem when parsing maliciously crafted TIFF files. By supplying a malformed graphic control extension an attacker can trigger an exploitable memory corruption condition. Successful exploitation can result in arbitrary code execution under the credentials of the currently logged in user. • http://www.us-cert.gov/cas/techalerts/TA09-286A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6491 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2009-0224
https://notcve.org/view.php?id=CVE-2009-0224
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; PowerPoint Viewer 2003 and 2007 SP1 and SP2; PowerPoint in Microsoft Office 2004 for Mac and 2008 for Mac; Open XML File Format Converter for Mac; Microsoft Works 8.5 and 9.0; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 do not properly validate PowerPoint files, which allows remote attackers to execute arbitrary code via multiple crafted BuildList records that include ChartBuild containers, which triggers memory corruption, aka "Memory Corruption Vulnerability." Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, y 2007 SP1 y SP2; PowerPoint Viewer 2003 y 2007 SP1 y SP2; PowerPoint en Microsoft Office 2004 para Mac y 2008 para Mac; Open XML File Format Converter para Mac; Microsoft Works 8.5 y 9.0; y Microsoft Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP1 y SP2 no valida adecuadamente la lista de registros en ficheros PowerPoint, lo que permite a atantes remotos ejecutar código de su elección a través de ficheros manipulados que lanzan una corrupción de memoria relacionada con un tipo de registro inválido, también conocido como "Vulnerabilidad de corrupción de memoria". • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=793 http://secunia.com/advisories/32428 http://www.securityfocus.com/bid/34879 http://www.securitytracker.com/id?1022205 http://www.us-cert.gov/cas/techalerts/TA09-132A.html http://www.vupen.com/english/advisories/2009/1290 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6023 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2008-3012
https://notcve.org/view.php?id=CVE-2008-3012
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 does not properly perform memory allocation, which allows remote attackers to execute arbitrary code via a malformed EMF image file, aka "GDI+ EMF Memory Corruption Vulnerability." gdiplus.dll en GDI+ de Microsoft Internet Explorer 6 SP1, Windows XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, Server 2008, Office XP SP3, Office 2003 SP2 y SP3, 2007 Microsoft Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008 y Forefront Client Security 1.0 no realiza correctamente la asignación de memoria, lo que permite a atacantes remotos ejecutar código de su elección mediante un archivo de imagen EMF mal formado, también conocido como "GDI+ EMF Memory Corruption Vulnerability (Vulnerabilidad de Corrupción de Memoria GDI+EMF)". • http://marc.info/?l=bugtraq&m=122235754013992&w=2 http://secunia.com/advisories/32154 http://www.securityfocus.com/bid/31019 http://www.securitytracker.com/id?1020835 http://www.us-cert.gov/cas/techalerts/TA08-253A.html http://www.vupen.com/english/advisories/2008/2520 http://www.vupen.com/english/advisories/2008/2696 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval% • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •