CVSS: 9.3EPSS: 95%CPEs: 43EXPL: 6CVE-2004-0200 – Microsoft Windows - JPEG Processing Buffer Overrun (MS04-028)
https://notcve.org/view.php?id=CVE-2004-0200
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. Desbordamiento de búfer en el motor de proceso de JPEG (JPG) en GDIPlus.dll, usado en varios productos de Microsoft, permite a atacantes remotos ejecutar código de su elección mediante un campo de longitud JPEG COM pequeño que es normalizado a una longitud de entero grande antes de una operación de copia de memoria. • https://www.exploit-db.com/exploits/474 https://www.exploit-db.com/exploits/556 https://www.exploit-db.com/exploits/475 https://www.exploit-db.com/exploits/478 https://www.exploit-db.com/exploits/472 https://www.exploit-db.com/exploits/480 http://marc.info/?l=bugtraq&m=109524346729948&w=2 http://www.kb.cert.org/vuls/id/297462 http://www.us-cert.gov/cas/techalerts/TA04-260A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms •
CVSS: 5.1EPSS: 1%CPEs: 3EXPL: 1CVE-2000-0200 – Microsoft Clip Art Gallery 5.0 - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-0200
Buffer overflow in Microsoft Clip Art Gallery allows remote attackers to cause a denial of service or execute commands via a malformed CIL (clip art library) file, aka the "Clip Art Buffer Overrun" vulnerability. • https://www.exploit-db.com/exploits/19789 http://www.securityfocus.com/bid/1034 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-015 •