CVE-2008-3014
https://notcve.org/view.php?id=CVE-2008-3014
Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka "GDI+ WMF Buffer Overrun Vulnerability." Desbordamiento de búfer en gdiplus.dll en GDI+ en Microsoft Internet Explorer 6 SP1, Windows XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, Server 2008, Office XP SP3, Office 2003 SP2 y SP3, 2007 Microsoft Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008, y Forefront Client Security 1.0, permite a atacantes remotos ejecutar código de su elección a través de un archivo de imagen WMF que lanza una asignación de memoria inadecuada, también conocida como "Vulnerabilidad GDI+ WMF Buffer Overrun". • http://marc.info/?l=bugtraq&m=122235754013992&w=2 http://secunia.com/advisories/32154 http://www.securityfocus.com/bid/31021 http://www.securitytracker.com/id?1020837 http://www.us-cert.gov/cas/techalerts/TA08-253A.html http://www.vupen.com/english/advisories/2008/2520 http://www.vupen.com/english/advisories/2008/2696 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval% • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-5348 – Microsoft Internet Explorer - GDI+ (PoC) (MS08-052)
https://notcve.org/view.php?id=CVE-2007-5348
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka "GDI+ VML Buffer Overrun Vulnerability." Desbordamiento de enteros en GDI+ en Microsoft Internet Explorer versión 6 SP1, Windows XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, Server 2008, Office XP SP3, Office 2003 SP2 y SP3, 2007 Microsoft Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works versión 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008, y Forefront Client Security versión 1.0, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo de imagen con tamaño degradado creados en la entrada de relleno de degradado, que activa un desbordamiento de búfer en la región heap de la memoria relacionado con las bibliotecas GdiPlus.dll y VGX.DLL, también se conoce como "GDI+ VML Buffer Overrun Vulnerability." • https://www.exploit-db.com/exploits/6619 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=743 http://marc.info/?l=bugtraq&m=122235754013992&w=2 http://secunia.com/advisories/32154 http://www.securityfocus.com/bid/31018 http://www.securitytracker.com/id?1020834 http://www.us-cert.gov/cas/techalerts/TA08-253A.html http://www.vupen.com/english/advisories/2008/2520 http://www.vupen.com/english/advisories/2008/2696 https://docs.microsoft.com/en-us/secur • CWE-189: Numeric Errors •
CVE-2008-3013 – Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2008-3013
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability." La biblioteca gdiplus.dll en GDI en Microsoft Internet Explorer versión 6 SP1, Windows XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, Server 2008, Office XP SP3, Office 2003 SP2 y SP3, 2007 Microsoft Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works versión 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008, y Forefront Client Security versión 1.0, permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo de imagen GIF malformado que contiene muchos marcadores de extensión para extensiones de control gráfico y etiquetas desconocidas posteriores, también se conoce como "GDI+ GIF Parsing Vulnerability." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows XP, Server and Vista. User interaction is required in that a user must open a malicious image file or browse to a malicious website. The specific flaws exist in the GDI+ subsystem when parsing maliciously crafted GIF files. By supplying a malformed graphic control extension an attacker can trigger an exploitable memory corruption condition. • https://www.exploit-db.com/exploits/6716 http://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html http://marc.info/?l=bugtraq&m=122235754013992&w=2 http://secunia.com/advisories/32154 http://www.securityfocus.com/archive/1/496154/100/0/threaded http://www.securityfocus.com/bid/31020 http://www.securitytracker.com/id?1020836 http://www.us-cert.gov/cas/techalerts/TA08-253A.html http://www.vupen.com/english/advisories/2008/2520 http://www.vupen.com • CWE-399: Resource Management Errors •
CVE-2008-2255
https://notcve.org/view.php?id=CVE-2008-2255
Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, a different vulnerability than CVE-2008-2254, aka "HTML Object Memory Corruption Vulnerability." Microsoft Internet Explorer 5.01, 6 y 7 accede a memoria no inicializada, lo que permite a atacantes remotos provocar una denegación de servicio (caída) y ejecutar código de su elección mediante vectores desconocidos, una vulnerabilidad distinta a CVE-2008-2254, también conocida como "HTML Object Memory Corruption Vulnerability (Vulnerabilidad de Corrupción de Memoria de Objeto HTML)". • http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31375 http://www.securitytracker.com/id?1020674 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2349 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5602 • CWE-399: Resource Management Errors •
CVE-2008-2254
https://notcve.org/view.php?id=CVE-2008-2254
Microsoft Internet Explorer 6 and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "HTML Object Memory Corruption Vulnerability." Internet Explorer de Microsoft versiones 6 y 7, accede a la memoria no inicializada, lo que permite a los atacantes remotos causar una denegación de servicio (bloqueo) y ejecutar código arbitrario por medio de vectores desconocidos, también se conoce como "HTML Object Memory Corruption Vulnerability". • http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31375 http://www.securityfocus.com/bid/30614 http://www.securitytracker.com/id?1020674 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2349 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5820 • CWE-399: Resource Management Errors •