All the vulnerabilites related to microsoft - sql_server_reporting_services
cve-2009-2500
Vulnerability from cvelistv5
Published
2009-10-14 10:00
Modified
2024-08-07 05:52
Severity ?
Summary
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability."
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5967vdb-entry, signature, x_refsource_OVAL
http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlthird-party-advisory, x_refsource_CERT
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062vendor-advisory, x_refsource_MS
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:52:14.730Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:5967",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5967"
          },
          {
            "name": "TA09-286A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
          },
          {
            "name": "MS09-062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka \"GDI+ WMF Integer Overflow Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:5967",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5967"
        },
        {
          "name": "TA09-286A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
        },
        {
          "name": "MS09-062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-2500",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka \"GDI+ WMF Integer Overflow Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:5967",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5967"
            },
            {
              "name": "TA09-286A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
            },
            {
              "name": "MS09-062",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-2500",
    "datePublished": "2009-10-14T10:00:00",
    "dateReserved": "2009-07-17T00:00:00",
    "dateUpdated": "2024-08-07T05:52:14.730Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3013
Vulnerability from cvelistv5
Published
2008-09-10 15:00
Modified
2024-08-07 09:21
Severity ?
Summary
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability."
References
http://secunia.com/advisories/32154third-party-advisory, x_refsource_SECUNIA
http://www.zerodayinitiative.com/advisories/ZDI-08-056x_refsource_MISC
http://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.htmlx_refsource_MISC
http://marc.info/?l=bugtraq&m=122235754013992&w=2vendor-advisory, x_refsource_HP
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052vendor-advisory, x_refsource_MS
http://www.vupen.com/english/advisories/2008/2696vdb-entry, x_refsource_VUPEN
http://www.zerodayinitiative.com/advisories/ZDI-08-056/x_refsource_MISC
http://marc.info/?l=bugtraq&m=122235754013992&w=2vendor-advisory, x_refsource_HP
http://www.securitytracker.com/id?1020836vdb-entry, x_refsource_SECTRACK
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5986vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/archive/1/496154/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/31020vdb-entry, x_refsource_BID
http://www.us-cert.gov/cas/techalerts/TA08-253A.htmlthird-party-advisory, x_refsource_CERT
http://www.vupen.com/english/advisories/2008/2520vdb-entry, x_refsource_VUPEN
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:21:34.961Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "32154",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32154"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html"
          },
          {
            "name": "HPSBST02372",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "MS08-052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
          },
          {
            "name": "ADV-2008-2696",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2696"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056/"
          },
          {
            "name": "SSRT080133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "1020836",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020836"
          },
          {
            "name": "oval:org.mitre.oval:def:5986",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5986"
          },
          {
            "name": "20080909 ZDI-08-056: Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/496154/100/0/threaded"
          },
          {
            "name": "31020",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31020"
          },
          {
            "name": "TA08-253A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
          },
          {
            "name": "ADV-2008-2520",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2520"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka \"GDI+ GIF Parsing Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "32154",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32154"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html"
        },
        {
          "name": "HPSBST02372",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "MS08-052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
        },
        {
          "name": "ADV-2008-2696",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2696"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056/"
        },
        {
          "name": "SSRT080133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "1020836",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020836"
        },
        {
          "name": "oval:org.mitre.oval:def:5986",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5986"
        },
        {
          "name": "20080909 ZDI-08-056: Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/496154/100/0/threaded"
        },
        {
          "name": "31020",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31020"
        },
        {
          "name": "TA08-253A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
        },
        {
          "name": "ADV-2008-2520",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2520"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2008-3013",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka \"GDI+ GIF Parsing Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "32154",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32154"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-056",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056"
            },
            {
              "name": "http://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html",
              "refsource": "MISC",
              "url": "http://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html"
            },
            {
              "name": "HPSBST02372",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "MS08-052",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
            },
            {
              "name": "ADV-2008-2696",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2696"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-056/",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056/"
            },
            {
              "name": "SSRT080133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "1020836",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020836"
            },
            {
              "name": "oval:org.mitre.oval:def:5986",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5986"
            },
            {
              "name": "20080909 ZDI-08-056: Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/496154/100/0/threaded"
            },
            {
              "name": "31020",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31020"
            },
            {
              "name": "TA08-253A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
            },
            {
              "name": "ADV-2008-2520",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2520"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2008-3013",
    "datePublished": "2008-09-10T15:00:00",
    "dateReserved": "2008-07-07T00:00:00",
    "dateUpdated": "2024-08-07T09:21:34.961Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-2504
Vulnerability from cvelistv5
Published
2009-10-14 10:00
Modified
2024-08-07 05:52
Severity ?
Summary
Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability."
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6282vdb-entry, signature, x_refsource_OVAL
http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlthird-party-advisory, x_refsource_CERT
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062vendor-advisory, x_refsource_MS
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:52:14.775Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:6282",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6282"
          },
          {
            "name": "TA09-286A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
          },
          {
            "name": "MS09-062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka \"GDI+ .NET API Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:6282",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6282"
        },
        {
          "name": "TA09-286A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
        },
        {
          "name": "MS09-062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-2504",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka \"GDI+ .NET API Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:6282",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6282"
            },
            {
              "name": "TA09-286A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
            },
            {
              "name": "MS09-062",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-2504",
    "datePublished": "2009-10-14T10:00:00",
    "dateReserved": "2009-07-17T00:00:00",
    "dateUpdated": "2024-08-07T05:52:14.775Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3015
Vulnerability from cvelistv5
Published
2008-09-10 15:00
Modified
2024-08-07 09:21
Severity ?
Summary
Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka "GDI+ BMP Integer Overflow Vulnerability."
References
http://secunia.com/advisories/32154third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1020838vdb-entry, x_refsource_SECTRACK
http://marc.info/?l=bugtraq&m=122235754013992&w=2vendor-advisory, x_refsource_HP
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052vendor-advisory, x_refsource_MS
http://www.securityfocus.com/archive/1/496153/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2008/2696vdb-entry, x_refsource_VUPEN
http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txtx_refsource_MISC
https://www.exploit-db.com/exploits/6716exploit, x_refsource_EXPLOIT-DB
http://www.zerodayinitiative.com/advisories/ZDI-08-055x_refsource_MISC
http://marc.info/?l=bugtraq&m=122235754013992&w=2vendor-advisory, x_refsource_HP
http://www.securityfocus.com/bid/31022vdb-entry, x_refsource_BID
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881vdb-entry, signature, x_refsource_OVAL
http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txtx_refsource_MISC
https://www.exploit-db.com/exploits/6619exploit, x_refsource_EXPLOIT-DB
http://www.us-cert.gov/cas/techalerts/TA08-253A.htmlthird-party-advisory, x_refsource_CERT
http://www.vupen.com/english/advisories/2008/2520vdb-entry, x_refsource_VUPEN
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:21:34.937Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "32154",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32154"
          },
          {
            "name": "1020838",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020838"
          },
          {
            "name": "HPSBST02372",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "MS08-052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
          },
          {
            "name": "20080909 ZDI-08-055: Microsoft Windows GDI+ BMP Parsing Code Execution Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/496153/100/0/threaded"
          },
          {
            "name": "ADV-2008-2696",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2696"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt"
          },
          {
            "name": "6716",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/6716"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-055"
          },
          {
            "name": "SSRT080133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "31022",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31022"
          },
          {
            "name": "oval:org.mitre.oval:def:5881",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt"
          },
          {
            "name": "6619",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/6619"
          },
          {
            "name": "TA08-253A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
          },
          {
            "name": "ADV-2008-2520",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2520"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka \"GDI+ BMP Integer Overflow Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "32154",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32154"
        },
        {
          "name": "1020838",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020838"
        },
        {
          "name": "HPSBST02372",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "MS08-052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
        },
        {
          "name": "20080909 ZDI-08-055: Microsoft Windows GDI+ BMP Parsing Code Execution Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/496153/100/0/threaded"
        },
        {
          "name": "ADV-2008-2696",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2696"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt"
        },
        {
          "name": "6716",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/6716"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-055"
        },
        {
          "name": "SSRT080133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "31022",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31022"
        },
        {
          "name": "oval:org.mitre.oval:def:5881",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt"
        },
        {
          "name": "6619",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/6619"
        },
        {
          "name": "TA08-253A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
        },
        {
          "name": "ADV-2008-2520",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2520"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2008-3015",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka \"GDI+ BMP Integer Overflow Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "32154",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32154"
            },
            {
              "name": "1020838",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020838"
            },
            {
              "name": "HPSBST02372",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "MS08-052",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
            },
            {
              "name": "20080909 ZDI-08-055: Microsoft Windows GDI+ BMP Parsing Code Execution Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/496153/100/0/threaded"
            },
            {
              "name": "ADV-2008-2696",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2696"
            },
            {
              "name": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt",
              "refsource": "MISC",
              "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt"
            },
            {
              "name": "6716",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/6716"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-055",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-055"
            },
            {
              "name": "SSRT080133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "31022",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31022"
            },
            {
              "name": "oval:org.mitre.oval:def:5881",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881"
            },
            {
              "name": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt",
              "refsource": "MISC",
              "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt"
            },
            {
              "name": "6619",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/6619"
            },
            {
              "name": "TA08-253A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
            },
            {
              "name": "ADV-2008-2520",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2520"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2008-3015",
    "datePublished": "2008-09-10T15:00:00",
    "dateReserved": "2008-07-07T00:00:00",
    "dateUpdated": "2024-08-07T09:21:34.937Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-2501
Vulnerability from cvelistv5
Published
2009-10-14 10:00
Modified
2024-08-07 05:52
Severity ?
Summary
Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Heap Overflow Vulnerability."
References
http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlthird-party-advisory, x_refsource_CERT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5800vdb-entry, signature, x_refsource_OVAL
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062vendor-advisory, x_refsource_MS
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:52:14.827Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "TA09-286A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
          },
          {
            "name": "oval:org.mitre.oval:def:5800",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5800"
          },
          {
            "name": "MS09-062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka \"GDI+ PNG Heap Overflow Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "TA09-286A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
        },
        {
          "name": "oval:org.mitre.oval:def:5800",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5800"
        },
        {
          "name": "MS09-062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-2501",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka \"GDI+ PNG Heap Overflow Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "TA09-286A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:5800",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5800"
            },
            {
              "name": "MS09-062",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-2501",
    "datePublished": "2009-10-14T10:00:00",
    "dateReserved": "2009-07-17T00:00:00",
    "dateUpdated": "2024-08-07T05:52:14.827Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-2528
Vulnerability from cvelistv5
Published
2009-10-14 10:00
Modified
2024-08-07 05:52
Severity ?
Summary
GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."
References
http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlthird-party-advisory, x_refsource_CERT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6426vdb-entry, signature, x_refsource_OVAL
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062vendor-advisory, x_refsource_MS
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:52:15.196Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "TA09-286A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
          },
          {
            "name": "oval:org.mitre.oval:def:6426",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6426"
          },
          {
            "name": "MS09-062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka \"Memory Corruption Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "TA09-286A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
        },
        {
          "name": "oval:org.mitre.oval:def:6426",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6426"
        },
        {
          "name": "MS09-062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-2528",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka \"Memory Corruption Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "TA09-286A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:6426",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6426"
            },
            {
              "name": "MS09-062",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-2528",
    "datePublished": "2009-10-14T10:00:00",
    "dateReserved": "2009-07-17T00:00:00",
    "dateUpdated": "2024-08-07T05:52:15.196Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-2502
Vulnerability from cvelistv5
Published
2009-10-14 10:00
Modified
2024-10-21 16:34
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka "GDI+ TIFF Buffer Overflow Vulnerability."
References
http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlthird-party-advisory, x_refsource_CERT
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062vendor-advisory, x_refsource_MS
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5898vdb-entry, signature, x_refsource_OVAL
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:52:14.805Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "TA09-286A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
          },
          {
            "name": "MS09-062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
          },
          {
            "name": "oval:org.mitre.oval:def:5898",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5898"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2009-2502",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-11T16:41:52.863250Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-120",
                "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-21T16:34:33.080Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka \"GDI+ TIFF Buffer Overflow Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "TA09-286A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
        },
        {
          "name": "MS09-062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
        },
        {
          "name": "oval:org.mitre.oval:def:5898",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5898"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-2502",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka \"GDI+ TIFF Buffer Overflow Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "TA09-286A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
            },
            {
              "name": "MS09-062",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
            },
            {
              "name": "oval:org.mitre.oval:def:5898",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5898"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-2502",
    "datePublished": "2009-10-14T10:00:00",
    "dateReserved": "2009-07-17T00:00:00",
    "dateUpdated": "2024-10-21T16:34:33.080Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-2552
Vulnerability from cvelistv5
Published
2012-10-09 21:00
Modified
2024-08-06 19:34
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Reflected XSS Vulnerability."
References
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-070vendor-advisory, x_refsource_MS
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15395vdb-entry, signature, x_refsource_OVAL
http://www.us-cert.gov/cas/techalerts/TA12-283A.htmlthird-party-advisory, x_refsource_CERT
http://www.securityfocus.com/bid/55783vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:34:25.812Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MS12-070",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-070"
          },
          {
            "name": "oval:org.mitre.oval:def:15395",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15395"
          },
          {
            "name": "TA12-283A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA12-283A.html"
          },
          {
            "name": "55783",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55783"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-10-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka \"Reflected XSS Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "MS12-070",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-070"
        },
        {
          "name": "oval:org.mitre.oval:def:15395",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15395"
        },
        {
          "name": "TA12-283A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA12-283A.html"
        },
        {
          "name": "55783",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55783"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2012-2552",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka \"Reflected XSS Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MS12-070",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-070"
            },
            {
              "name": "oval:org.mitre.oval:def:15395",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15395"
            },
            {
              "name": "TA12-283A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA12-283A.html"
            },
            {
              "name": "55783",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/55783"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2012-2552",
    "datePublished": "2012-10-09T21:00:00",
    "dateReserved": "2012-05-09T00:00:00",
    "dateUpdated": "2024-08-06T19:34:25.812Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3014
Vulnerability from cvelistv5
Published
2008-09-10 15:00
Modified
2024-08-07 09:21
Severity ?
Summary
Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka "GDI+ WMF Buffer Overrun Vulnerability."
References
http://secunia.com/advisories/32154third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=122235754013992&w=2vendor-advisory, x_refsource_HP
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052vendor-advisory, x_refsource_MS
http://www.securityfocus.com/bid/31021vdb-entry, x_refsource_BID
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6004vdb-entry, signature, x_refsource_OVAL
http://www.vupen.com/english/advisories/2008/2696vdb-entry, x_refsource_VUPEN
http://www.securitytracker.com/id?1020837vdb-entry, x_refsource_SECTRACK
http://marc.info/?l=bugtraq&m=122235754013992&w=2vendor-advisory, x_refsource_HP
http://www.us-cert.gov/cas/techalerts/TA08-253A.htmlthird-party-advisory, x_refsource_CERT
http://www.vupen.com/english/advisories/2008/2520vdb-entry, x_refsource_VUPEN
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:21:34.956Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "32154",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32154"
          },
          {
            "name": "HPSBST02372",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "MS08-052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
          },
          {
            "name": "31021",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31021"
          },
          {
            "name": "oval:org.mitre.oval:def:6004",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6004"
          },
          {
            "name": "ADV-2008-2696",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2696"
          },
          {
            "name": "1020837",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020837"
          },
          {
            "name": "SSRT080133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "TA08-253A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
          },
          {
            "name": "ADV-2008-2520",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2520"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka \"GDI+ WMF Buffer Overrun Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "32154",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32154"
        },
        {
          "name": "HPSBST02372",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "MS08-052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
        },
        {
          "name": "31021",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31021"
        },
        {
          "name": "oval:org.mitre.oval:def:6004",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6004"
        },
        {
          "name": "ADV-2008-2696",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2696"
        },
        {
          "name": "1020837",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020837"
        },
        {
          "name": "SSRT080133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "TA08-253A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
        },
        {
          "name": "ADV-2008-2520",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2520"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2008-3014",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka \"GDI+ WMF Buffer Overrun Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "32154",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32154"
            },
            {
              "name": "HPSBST02372",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "MS08-052",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
            },
            {
              "name": "31021",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31021"
            },
            {
              "name": "oval:org.mitre.oval:def:6004",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6004"
            },
            {
              "name": "ADV-2008-2696",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2696"
            },
            {
              "name": "1020837",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020837"
            },
            {
              "name": "SSRT080133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "TA08-253A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
            },
            {
              "name": "ADV-2008-2520",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2520"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2008-3014",
    "datePublished": "2008-09-10T15:00:00",
    "dateReserved": "2008-07-07T00:00:00",
    "dateUpdated": "2024-08-07T09:21:34.956Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-3126
Vulnerability from cvelistv5
Published
2009-10-14 10:00
Modified
2024-08-07 06:14
Severity ?
Summary
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability."
References
http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlthird-party-advisory, x_refsource_CERT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6134vdb-entry, signature, x_refsource_OVAL
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062vendor-advisory, x_refsource_MS
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:14:56.471Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "TA09-286A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
          },
          {
            "name": "oval:org.mitre.oval:def:6134",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6134"
          },
          {
            "name": "MS09-062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka \"GDI+ PNG Integer Overflow Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "TA09-286A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
        },
        {
          "name": "oval:org.mitre.oval:def:6134",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6134"
        },
        {
          "name": "MS09-062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-3126",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka \"GDI+ PNG Integer Overflow Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "TA09-286A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:6134",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6134"
            },
            {
              "name": "MS09-062",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-3126",
    "datePublished": "2009-10-14T10:00:00",
    "dateReserved": "2009-09-10T00:00:00",
    "dateUpdated": "2024-08-07T06:14:56.471Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5348
Vulnerability from cvelistv5
Published
2008-09-10 15:00
Modified
2024-08-07 15:24
Severity ?
Summary
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka "GDI+ VML Buffer Overrun Vulnerability."
References
http://secunia.com/advisories/32154third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=122235754013992&w=2vendor-advisory, x_refsource_HP
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052vendor-advisory, x_refsource_MS
http://www.vupen.com/english/advisories/2008/2696vdb-entry, x_refsource_VUPEN
http://www.securitytracker.com/id?1020834vdb-entry, x_refsource_SECTRACK
http://marc.info/?l=bugtraq&m=122235754013992&w=2vendor-advisory, x_refsource_HP
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6055vdb-entry, signature, x_refsource_OVAL
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=743third-party-advisory, x_refsource_IDEFENSE
http://www.securityfocus.com/bid/31018vdb-entry, x_refsource_BID
http://www.us-cert.gov/cas/techalerts/TA08-253A.htmlthird-party-advisory, x_refsource_CERT
http://www.vupen.com/english/advisories/2008/2520vdb-entry, x_refsource_VUPEN
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:24:42.624Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "32154",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32154"
          },
          {
            "name": "HPSBST02372",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "MS08-052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
          },
          {
            "name": "ADV-2008-2696",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2696"
          },
          {
            "name": "1020834",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020834"
          },
          {
            "name": "SSRT080133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:6055",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6055"
          },
          {
            "name": "20080909 Microsoft Windows GDI+ Gradient Fill Heap Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=743"
          },
          {
            "name": "31018",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31018"
          },
          {
            "name": "TA08-253A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
          },
          {
            "name": "ADV-2008-2520",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2520"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka \"GDI+ VML Buffer Overrun Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "32154",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32154"
        },
        {
          "name": "HPSBST02372",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "MS08-052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
        },
        {
          "name": "ADV-2008-2696",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2696"
        },
        {
          "name": "1020834",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020834"
        },
        {
          "name": "SSRT080133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:6055",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6055"
        },
        {
          "name": "20080909 Microsoft Windows GDI+ Gradient Fill Heap Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=743"
        },
        {
          "name": "31018",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31018"
        },
        {
          "name": "TA08-253A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
        },
        {
          "name": "ADV-2008-2520",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2520"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2007-5348",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka \"GDI+ VML Buffer Overrun Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "32154",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32154"
            },
            {
              "name": "HPSBST02372",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "MS08-052",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
            },
            {
              "name": "ADV-2008-2696",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2696"
            },
            {
              "name": "1020834",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020834"
            },
            {
              "name": "SSRT080133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:6055",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6055"
            },
            {
              "name": "20080909 Microsoft Windows GDI+ Gradient Fill Heap Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=743"
            },
            {
              "name": "31018",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31018"
            },
            {
              "name": "TA08-253A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
            },
            {
              "name": "ADV-2008-2520",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2520"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2007-5348",
    "datePublished": "2008-09-10T15:00:00",
    "dateReserved": "2007-10-10T00:00:00",
    "dateUpdated": "2024-08-07T15:24:42.624Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1044
Vulnerability from cvelistv5
Published
2020-09-11 17:08
Modified
2024-08-04 06:25
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1044x_refsource_MISC
Impacted products
Vendor Product Version
Microsoft SQL Server 2019 Reporting Services Version: 15.0.0   < publication
    cpe:2.3:a:microsoft:sql_server_2019_reporting_services:-:*:*:*:*:*:*:*
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:25:00.771Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1044"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:sql_server_2017_reporting_services:-:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "SQL Server 2017 Reporting Services",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "14.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:sql_server_2019_reporting_services:-:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "SQL Server 2019 Reporting Services",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-09-08T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "\u003cp\u003eA security feature bypass vulnerability exists in SQL Server Reporting Services (SSRS) when the server improperly validates attachments uploaded to reports. An attacker who successfully exploited this vulnerability could upload file types that were disallowed by an administrator.\u003c/p\u003e\n\u003cp\u003eTo exploit the vulnerability, an authenticated attacker would need to send a specially crafted request to an affected SSRS server.\u003c/p\u003e\n\u003cp\u003eThe update addresses the vulnerability by modifying how SSRS validates attachment uploads.\u003c/p\u003e\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Security Feature Bypass",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-31T21:34:36.891Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1044"
        }
      ],
      "title": "SQL Server Reporting Services Security Feature Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-1044",
    "datePublished": "2020-09-11T17:08:54",
    "dateReserved": "2019-11-04T00:00:00",
    "dateUpdated": "2024-08-04T06:25:00.771Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3012
Vulnerability from cvelistv5
Published
2008-09-10 15:00
Modified
2024-08-07 09:21
Severity ?
Summary
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 does not properly perform memory allocation, which allows remote attackers to execute arbitrary code via a malformed EMF image file, aka "GDI+ EMF Memory Corruption Vulnerability."
References
http://secunia.com/advisories/32154third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=122235754013992&w=2vendor-advisory, x_refsource_HP
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052vendor-advisory, x_refsource_MS
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6040vdb-entry, signature, x_refsource_OVAL
http://www.vupen.com/english/advisories/2008/2696vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=122235754013992&w=2vendor-advisory, x_refsource_HP
http://www.securitytracker.com/id?1020835vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/31019vdb-entry, x_refsource_BID
http://www.us-cert.gov/cas/techalerts/TA08-253A.htmlthird-party-advisory, x_refsource_CERT
http://www.vupen.com/english/advisories/2008/2520vdb-entry, x_refsource_VUPEN
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:21:34.935Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "32154",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32154"
          },
          {
            "name": "HPSBST02372",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "MS08-052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
          },
          {
            "name": "oval:org.mitre.oval:def:6040",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6040"
          },
          {
            "name": "ADV-2008-2696",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2696"
          },
          {
            "name": "SSRT080133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "1020835",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020835"
          },
          {
            "name": "31019",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31019"
          },
          {
            "name": "TA08-253A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
          },
          {
            "name": "ADV-2008-2520",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2520"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 does not properly perform memory allocation, which allows remote attackers to execute arbitrary code via a malformed EMF image file, aka \"GDI+ EMF Memory Corruption Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "32154",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32154"
        },
        {
          "name": "HPSBST02372",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "MS08-052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
        },
        {
          "name": "oval:org.mitre.oval:def:6040",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6040"
        },
        {
          "name": "ADV-2008-2696",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2696"
        },
        {
          "name": "SSRT080133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "1020835",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020835"
        },
        {
          "name": "31019",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31019"
        },
        {
          "name": "TA08-253A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
        },
        {
          "name": "ADV-2008-2520",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2520"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2008-3012",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 does not properly perform memory allocation, which allows remote attackers to execute arbitrary code via a malformed EMF image file, aka \"GDI+ EMF Memory Corruption Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "32154",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32154"
            },
            {
              "name": "HPSBST02372",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "MS08-052",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
            },
            {
              "name": "oval:org.mitre.oval:def:6040",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6040"
            },
            {
              "name": "ADV-2008-2696",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2696"
            },
            {
              "name": "SSRT080133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "1020835",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020835"
            },
            {
              "name": "31019",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31019"
            },
            {
              "name": "TA08-253A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
            },
            {
              "name": "ADV-2008-2520",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2520"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2008-3012",
    "datePublished": "2008-09-10T15:00:00",
    "dateReserved": "2008-07-07T00:00:00",
    "dateUpdated": "2024-08-07T09:21:34.935Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-2503
Vulnerability from cvelistv5
Published
2009-10-14 10:00
Modified
2024-08-07 05:52
Severity ?
Summary
GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability."
References
http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlthird-party-advisory, x_refsource_CERT
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062vendor-advisory, x_refsource_MS
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6491vdb-entry, signature, x_refsource_OVAL
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:52:14.695Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "TA09-286A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
          },
          {
            "name": "MS09-062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
          },
          {
            "name": "oval:org.mitre.oval:def:6491",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6491"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka \"GDI+ TIFF Memory Corruption Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "TA09-286A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
        },
        {
          "name": "MS09-062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
        },
        {
          "name": "oval:org.mitre.oval:def:6491",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6491"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-2503",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka \"GDI+ TIFF Memory Corruption Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "TA09-286A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
            },
            {
              "name": "MS09-062",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
            },
            {
              "name": "oval:org.mitre.oval:def:6491",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6491"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-2503",
    "datePublished": "2009-10-14T10:00:00",
    "dateReserved": "2009-07-17T00:00:00",
    "dateUpdated": "2024-08-07T05:52:14.695Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2024-11-21 01:05
Severity ?
Summary
GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability."
References
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6491
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6491
Impacted products
Vendor Product Version
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_2000 *
microsoft .net_framework 1.1
microsoft .net_framework 2.0
microsoft .net_framework 2.0
microsoft internet_explorer 6
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server_reporting_services 2000
microsoft excel_viewer 2003
microsoft excel_viewer 2003
microsoft expression_web *
microsoft expression_web 2
microsoft office 2003
microsoft office 2007
microsoft office 2007
microsoft office xp
microsoft office_compatibility_pack 2007
microsoft office_compatibility_pack 2007
microsoft office_excel_viewer *
microsoft office_groove 2007
microsoft office_groove 2007
microsoft office_powerpoint_viewer *
microsoft office_powerpoint_viewer 2007
microsoft office_powerpoint_viewer 2007
microsoft office_word_viewer *
microsoft project 2002
microsoft visio 2002
microsoft word_viewer 2003
microsoft word_viewer 2003
microsoft works 8.5
microsoft platform_sdk *
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft visual_studio 2008
microsoft visual_studio 2008
microsoft visual_studio_.net 2003
microsoft visual_studio_.net 2005
microsoft forefront_client_security 1.0
microsoft visual_foxpro 8.0
microsoft visual_foxpro 9.0
microsoft windows_2000 *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*",
              "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
              "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EF6C51-17EA-43E4-84BA-08CE705C2D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "7ADB520B-B847-4855-95B1-6CEA36D66C07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "93B86335-EF14-4E4F-B192-2A5323A47D31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:itanium:*:*:*:*:*",
              "matchCriteriaId": "AA80EDC4-4E84-40BE-86D5-1825AFA85390",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:x64:*:*:*:*:*",
              "matchCriteriaId": "0F3BF09C-04D2-4367-BE58-72AD396B4110",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "AE2F0B8B-0600-4324-93A9-07DBE97E1BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2876FC23-21A0-4F56-B0D9-11187173F7D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6761A1C-EC1C-4B00-8126-D58DAB51267A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "08AF794A-435D-4171-9DBB-EB7FAED96DBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FA62BE-D804-402D-9BDD-68BC70ECCD76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C5C94F2C-786B-45E4-B80A-FC668D917014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "A4B44889-AEEB-4713-A047-C27B802DB257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2613CE-C469-43AE-A590-87CE1FAADA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "828A3CB6-EB0A-4CCD-B786-7316564EE40A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F646992A-D3B7-4474-8E0B-65B99086D844",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70B39422-2E91-4F2C-8338-8A9292956260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "7F9C3119-B118-41E2-9622-FD40C6CC4B6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "B55849C3-649E-487B-B702-E2F4B25ECAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E647A7B3-7A92-4584-BDA7-81752FF59411",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9B14AE8E-1BFF-4458-87CC-357957F18F8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "1889A686-9565-4958-99BB-2EC24ABDF272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "5D7B01AE-F457-45C1-8A37-7ED65CAF8638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:works:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83EE0CCD-69AD-4705-9BB0-24688F7957F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:platform_sdk:*:*:redistrutable_gdi\\+:*:*:*:*:*",
              "matchCriteriaId": "5E9AC6E2-D6C2-48E1-87C5-86470AC622DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED077FFC-EBCC-4CD9-BF0E-0286B99C1965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9AB2C8C4-7E86-4736-9CE4-2E65E4EDBF02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F40C30AF-7D70-4FE8-B7D1-F4734F791664",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "E5DE8B76-FA09-4EA2-9535-758C56C4C099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5E711CC3-9094-4C54-A794-9C7A3E7F4AFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka \"GDI+ TIFF Memory Corruption Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "GDI+ en Microsoft Internet Explorer v6 SP1, Windows XP SP2 y SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 y SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold y SP3, Office Excel Viewer 2003 Gold y SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, y SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 y SP2, Expression Web, Expression Web v2, Groove 2007 Gold y SP1, Works v8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 y SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold y SP1, y Forefront Client Security v1.0 no localiza adecuadamente un b\u00fafer sin especificar, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero de imagen TIFF que inicia una corrupci\u00f3n de memoria, tambi\u00e9n conocido como \"Vulnerabilidad de corrupci\u00f3n de memoria GDI+ TIFF\""
    }
  ],
  "id": "CVE-2009-2503",
  "lastModified": "2024-11-21T01:05:02.170",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-10-14T10:30:01.407",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6491"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6491"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-09-11 01:11
Modified
2024-11-21 00:48
Severity ?
Summary
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability."
References
secure@microsoft.comhttp://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html
secure@microsoft.comhttp://marc.info/?l=bugtraq&m=122235754013992&w=2
secure@microsoft.comhttp://marc.info/?l=bugtraq&m=122235754013992&w=2
secure@microsoft.comhttp://secunia.com/advisories/32154Vendor Advisory
secure@microsoft.comhttp://www.securityfocus.com/archive/1/496154/100/0/threaded
secure@microsoft.comhttp://www.securityfocus.com/bid/31020
secure@microsoft.comhttp://www.securitytracker.com/id?1020836
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA08-253A.htmlUS Government Resource
secure@microsoft.comhttp://www.vupen.com/english/advisories/2008/2520Vendor Advisory
secure@microsoft.comhttp://www.vupen.com/english/advisories/2008/2696Vendor Advisory
secure@microsoft.comhttp://www.zerodayinitiative.com/advisories/ZDI-08-056
secure@microsoft.comhttp://www.zerodayinitiative.com/advisories/ZDI-08-056/
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5986
af854a3a-2127-422b-91ae-364da2661108http://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122235754013992&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122235754013992&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32154Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/496154/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31020
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020836
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA08-253A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2520Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2696Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.zerodayinitiative.com/advisories/ZDI-08-056
af854a3a-2127-422b-91ae-364da2661108http://www.zerodayinitiative.com/advisories/ZDI-08-056/
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5986
Impacted products
Vendor Product Version
microsoft digital_image_suite 2006
microsoft forefront_client_security 1.0
microsoft internet_explorer 6
microsoft office 2003
microsoft office 2003
microsoft office 2007
microsoft office 2007
microsoft office xp
microsoft powerpoint_viewer 2003
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft sql_server 2005
microsoft sql_server_reporting_services 2000
microsoft visio 2002
microsoft works 8.0
microsoft windows_server_2008 -
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_xp *
microsoft windows_xp *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:digital_image_suite:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "24F42695-7FB7-4C43-A9A7-8A234B6E5937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "07D3F3E4-93FB-481A-94D9-075E726697C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:*:gold:*:*:*:*:*",
              "matchCriteriaId": "E438882E-1AAE-477E-B885-D4E95D2AE88A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:powerpoint_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "11499249-45FC-4E05-9362-058D1ADA8078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "033138E1-82C7-443C-89C1-23D8032674CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E84216-227B-4074-B65B-6AA399D4A8DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:works:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "293914AF-6101-4F50-9560-A4EA99D767C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*",
              "matchCriteriaId": "D34A558F-A656-43EB-AC52-C3710F77CDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka \"GDI+ GIF Parsing Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "La biblioteca gdiplus.dll en GDI en Microsoft Internet Explorer versi\u00f3n 6 SP1, Windows XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, Server 2008, Office XP SP3, Office 2003 SP2 y SP3, 2007 Microsoft Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works versi\u00f3n 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008, y Forefront Client Security versi\u00f3n 1.0, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo de imagen GIF malformado que contiene muchos marcadores de extensi\u00f3n para extensiones de control gr\u00e1fico y etiquetas desconocidas posteriores, tambi\u00e9n se conoce como \"GDI+ GIF Parsing Vulnerability.\""
    }
  ],
  "id": "CVE-2008-3013",
  "lastModified": "2024-11-21T00:48:13.807",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-09-11T01:11:47.103",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32154"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/archive/1/496154/100/0/threaded"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/31020"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securitytracker.com/id?1020836"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2520"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2696"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056/"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5986"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/496154/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31020"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2520"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5986"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-09-11 01:01
Modified
2024-11-21 00:37
Severity ?
Summary
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka "GDI+ VML Buffer Overrun Vulnerability."
References
secure@microsoft.comhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=743
secure@microsoft.comhttp://marc.info/?l=bugtraq&m=122235754013992&w=2
secure@microsoft.comhttp://marc.info/?l=bugtraq&m=122235754013992&w=2
secure@microsoft.comhttp://secunia.com/advisories/32154Vendor Advisory
secure@microsoft.comhttp://www.securityfocus.com/bid/31018
secure@microsoft.comhttp://www.securitytracker.com/id?1020834
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA08-253A.htmlUS Government Resource
secure@microsoft.comhttp://www.vupen.com/english/advisories/2008/2520Vendor Advisory
secure@microsoft.comhttp://www.vupen.com/english/advisories/2008/2696Vendor Advisory
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6055
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=743
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122235754013992&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122235754013992&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32154Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31018
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020834
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA08-253A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2520Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2696Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6055
Impacted products
Vendor Product Version
microsoft digital_image_suite 2006
microsoft forefront_client_security 1.0
microsoft internet_explorer 6
microsoft office 2003
microsoft office 2003
microsoft office xp
microsoft office_powerpoint_viewer 2003
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft server 2008
microsoft sql_server 2005
microsoft sql_server_reporting_services 2000
microsoft visio 2002
microsoft works 8.0
microsoft office_system *
microsoft office_system *
microsoft windows 2003_server
microsoft windows 2003_server
microsoft windows-nt vista
microsoft windows-nt xp
microsoft windows_vista -
microsoft windows_xp -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:digital_image_suite:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "24F42695-7FB7-4C43-A9A7-8A234B6E5937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "07D3F3E4-93FB-481A-94D9-075E726697C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5440EF5-462B-4BAC-AF60-44C5D649D0D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "033138E1-82C7-443C-89C1-23D8032674CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E84216-227B-4074-B65B-6AA399D4A8DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:server:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE680C6-F940-4095-BDD5-05CBD8DA14DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:works:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "293914AF-6101-4F50-9560-A4EA99D767C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:office_system:*:gold:*:*:*:*:*:*",
              "matchCriteriaId": "D08AE69C-A8E4-4291-AE45-C311BA8168D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:office_system:*:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9E27318C-A079-40D4-8994-96C6809CA1FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:2003_server:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "CFC4CDAF-F0C4-4B7D-9692-5E73C489F5A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:2003_server:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "6265A492-BDB8-4A41-A5D1-9947C8EF002E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows-nt:vista:*:gold:*:*:*:*:*",
              "matchCriteriaId": "85442DDD-DFB0-455D-8078-EFE49ABC60B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "73AED29E-B778-4186-8968-EB608E34E540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka \"GDI+ VML Buffer Overrun Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Desbordamiento de enteros en GDI+ en Microsoft Internet Explorer versi\u00f3n 6 SP1, Windows XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, Server 2008, Office XP SP3, Office 2003 SP2 y SP3, 2007 Microsoft Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works versi\u00f3n 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008, y Forefront Client Security versi\u00f3n 1.0, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo de imagen con tama\u00f1o degradado creados en la entrada de relleno de degradado, que activa un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria relacionado con las bibliotecas GdiPlus.dll y VGX.DLL, tambi\u00e9n se conoce como \"GDI+ VML Buffer Overrun Vulnerability.\""
    }
  ],
  "id": "CVE-2007-5348",
  "lastModified": "2024-11-21T00:37:42.250",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-09-11T01:01:19.430",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=743"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32154"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/31018"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securitytracker.com/id?1020834"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2520"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2696"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31018"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020834"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2520"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6055"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-09-11 01:11
Modified
2024-11-21 00:48
Severity ?
Summary
Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka "GDI+ WMF Buffer Overrun Vulnerability."
References
secure@microsoft.comhttp://marc.info/?l=bugtraq&m=122235754013992&w=2
secure@microsoft.comhttp://marc.info/?l=bugtraq&m=122235754013992&w=2
secure@microsoft.comhttp://secunia.com/advisories/32154
secure@microsoft.comhttp://www.securityfocus.com/bid/31021
secure@microsoft.comhttp://www.securitytracker.com/id?1020837
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA08-253A.htmlUS Government Resource
secure@microsoft.comhttp://www.vupen.com/english/advisories/2008/2520
secure@microsoft.comhttp://www.vupen.com/english/advisories/2008/2696
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6004
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122235754013992&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122235754013992&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32154
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31021
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020837
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA08-253A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2520
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2696
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6004
Impacted products
Vendor Product Version
microsoft digital_image_suite 2006
microsoft forefront_client_security 1.0
microsoft internet_explorer 6
microsoft office 2003
microsoft office 2003
microsoft office 2007
microsoft office 2007
microsoft office xp
microsoft office_powerpoint_viewer 2003
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft server 2008
microsoft sql_server 2005
microsoft sql_server_reporting_services 2000
microsoft visio 2002
microsoft works 8.0
microsoft server 2003
microsoft server 2003
microsoft windows-nt vista
microsoft windows-nt xp
microsoft windows_vista -
microsoft windows_xp -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:digital_image_suite:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "24F42695-7FB7-4C43-A9A7-8A234B6E5937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "07D3F3E4-93FB-481A-94D9-075E726697C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:*:gold:*:*:*:*:*",
              "matchCriteriaId": "E438882E-1AAE-477E-B885-D4E95D2AE88A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5440EF5-462B-4BAC-AF60-44C5D649D0D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "033138E1-82C7-443C-89C1-23D8032674CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E84216-227B-4074-B65B-6AA399D4A8DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:server:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE680C6-F940-4095-BDD5-05CBD8DA14DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:works:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "293914AF-6101-4F50-9560-A4EA99D767C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:server:2003:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "4997ED74-FF5F-43AC-BA74-4DD6B96DEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:server:2003:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "C4AC635E-5246-4200-9EC1-81D0F2072934",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows-nt:vista:*:gold:*:*:*:*:*",
              "matchCriteriaId": "85442DDD-DFB0-455D-8078-EFE49ABC60B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "73AED29E-B778-4186-8968-EB608E34E540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka \"GDI+ WMF Buffer Overrun Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en gdiplus.dll en GDI+ en Microsoft Internet Explorer 6 SP1, Windows XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, Server 2008, Office XP SP3, Office 2003 SP2 y SP3, 2007 Microsoft Office System Gold  y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008, y Forefront Client Security 1.0, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo de imagen WMF que lanza una asignaci\u00f3n de memoria inadecuada, tambi\u00e9n conocida como \"Vulnerabilidad GDI+ WMF Buffer Overrun\"."
    }
  ],
  "id": "CVE-2008-3014",
  "lastModified": "2024-11-21T00:48:13.937",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-09-11T01:11:47.117",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/32154"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/31021"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securitytracker.com/id?1020837"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2008/2520"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2008/2696"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020837"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2520"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6004"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2012-10-09 21:55
Modified
2024-11-21 01:39
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Reflected XSS Vulnerability."
References
secure@microsoft.comhttp://www.securityfocus.com/bid/55783
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA12-283A.htmlUS Government Resource
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-070
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15395
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/55783
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA12-283A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-070
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15395
Impacted products
Vendor Product Version
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2008
microsoft sql_server 2008
microsoft sql_server 2008
microsoft sql_server 2008
microsoft sql_server 2008
microsoft sql_server 2008
microsoft sql_server 2008
microsoft sql_server 2008
microsoft sql_server 2008
microsoft sql_server 2012
microsoft sql_server 2012
microsoft sql_server_reporting_services 2000


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp4:express_advanced_services:*:*:*:*:*",
              "matchCriteriaId": "6CE40B2B-E1A0-4BBE-9A3B-5E7B14F83554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp4:itanium:*:*:*:*:*",
              "matchCriteriaId": "7E387893-EBA4-448A-9687-400F50A5A2F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp4:x64:*:*:*:*:*",
              "matchCriteriaId": "9916AE10-8EBF-4BB9-885C-1FD0C20ED71C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp4:x86:*:*:*:*:*",
              "matchCriteriaId": "4F8BF453-1436-4031-9774-B3E53B40BB46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2008:r2_sp1:itanium:*:*:*:*:*",
              "matchCriteriaId": "6FE7F16C-CDE0-426C-BFF2-689750CD64CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2008:r2_sp1:x64:*:*:*:*:*",
              "matchCriteriaId": "4ADCCD5E-B5BA-4CA7-B37F-D1CBC0998B80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2008:r2_sp1:x86:*:*:*:*:*",
              "matchCriteriaId": "9EEB1830-3314-4422-985E-8FEAD8F93B6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "5FA2E5E9-A530-4EBA-863A-322C10EFB82C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "00F271BE-E397-4DAB-894E-EBA5CD7C465F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp2:x86:*:*:*:*:*",
              "matchCriteriaId": "A30C7019-68AD-4538-8250-EFDDC4FCBC32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp3:itanium:*:*:*:*:*",
              "matchCriteriaId": "21B670E0-E991-4884-9D98-D9A74C95903B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp3:x64:*:*:*:*:*",
              "matchCriteriaId": "46B0D444-0B3F-4430-9374-BFA7D5F44726",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp3:x86:*:*:*:*:*",
              "matchCriteriaId": "C561C66B-18EB-4926-8FF1-489D1934E5C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2012:-:x64:*:*:*:*:*",
              "matchCriteriaId": "A1C39319-B1DC-494B-9688-C25940376A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2012:-:x86:*:*:*:*:*",
              "matchCriteriaId": "9C056337-C632-42A6-A2DE-5E20AD103953",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka \"Reflected XSS Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en SQL Server Report Manager en Microsoft SQL Server 2000 Reporting Services SP2 y SQL Server 2005 SP4, 2008 SP2 y SP3, 2008 R2 SP1, y 2012, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s a los par\u00e1metros especificados Es una vulnerabilidad tambi\u00e9n conocido como \"Vulnerabilidad de XSS reflejado\"."
    }
  ],
  "id": "CVE-2012-2552",
  "lastModified": "2024-11-21T01:39:13.157",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-10-09T21:55:02.957",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/55783"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA12-283A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-070"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15395"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/55783"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA12-283A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15395"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2024-11-21 01:05
Severity ?
Summary
Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Heap Overflow Vulnerability."
References
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5800
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5800
Impacted products
Vendor Product Version
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_2000 *
microsoft .net_framework 1.1
microsoft .net_framework 2.0
microsoft .net_framework 2.0
microsoft internet_explorer 6
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server_reporting_services 2000
microsoft excel_viewer 2003
microsoft excel_viewer 2003
microsoft expression_web *
microsoft expression_web 2
microsoft office 2003
microsoft office 2007
microsoft office 2007
microsoft office xp
microsoft office_compatibility_pack 2007
microsoft office_compatibility_pack 2007
microsoft office_excel_viewer *
microsoft office_groove 2007
microsoft office_groove 2007
microsoft office_powerpoint_viewer *
microsoft office_powerpoint_viewer 2007
microsoft office_powerpoint_viewer 2007
microsoft office_word_viewer *
microsoft project 2002
microsoft visio 2002
microsoft word_viewer 2003
microsoft word_viewer 2003
microsoft works 8.5
microsoft platform_sdk *
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft visual_studio 2008
microsoft visual_studio 2008
microsoft visual_studio_.net 2003
microsoft visual_studio_.net 2005
microsoft forefront_client_security 1.0
microsoft visual_foxpro 8.0
microsoft visual_foxpro 9.0
microsoft windows_2000 *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*",
              "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
              "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EF6C51-17EA-43E4-84BA-08CE705C2D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "7ADB520B-B847-4855-95B1-6CEA36D66C07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "93B86335-EF14-4E4F-B192-2A5323A47D31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:itanium:*:*:*:*:*",
              "matchCriteriaId": "AA80EDC4-4E84-40BE-86D5-1825AFA85390",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:x64:*:*:*:*:*",
              "matchCriteriaId": "0F3BF09C-04D2-4367-BE58-72AD396B4110",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "AE2F0B8B-0600-4324-93A9-07DBE97E1BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2876FC23-21A0-4F56-B0D9-11187173F7D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6761A1C-EC1C-4B00-8126-D58DAB51267A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "08AF794A-435D-4171-9DBB-EB7FAED96DBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FA62BE-D804-402D-9BDD-68BC70ECCD76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C5C94F2C-786B-45E4-B80A-FC668D917014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "A4B44889-AEEB-4713-A047-C27B802DB257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2613CE-C469-43AE-A590-87CE1FAADA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "828A3CB6-EB0A-4CCD-B786-7316564EE40A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F646992A-D3B7-4474-8E0B-65B99086D844",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70B39422-2E91-4F2C-8338-8A9292956260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "7F9C3119-B118-41E2-9622-FD40C6CC4B6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "B55849C3-649E-487B-B702-E2F4B25ECAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E647A7B3-7A92-4584-BDA7-81752FF59411",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9B14AE8E-1BFF-4458-87CC-357957F18F8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "1889A686-9565-4958-99BB-2EC24ABDF272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "5D7B01AE-F457-45C1-8A37-7ED65CAF8638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:works:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83EE0CCD-69AD-4705-9BB0-24688F7957F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:platform_sdk:*:*:redistrutable_gdi\\+:*:*:*:*:*",
              "matchCriteriaId": "5E9AC6E2-D6C2-48E1-87C5-86470AC622DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED077FFC-EBCC-4CD9-BF0E-0286B99C1965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9AB2C8C4-7E86-4736-9CE4-2E65E4EDBF02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F40C30AF-7D70-4FE8-B7D1-F4734F791664",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "E5DE8B76-FA09-4EA2-9535-758C56C4C099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5E711CC3-9094-4C54-A794-9C7A3E7F4AFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka \"GDI+ PNG Heap Overflow Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en GDI+ en Microsoft Internet Explorer v6 SP1, Windows XP SP2 y SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 y SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold y SP3, Office Excel Viewer 2003 Gold y SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, y SP2, Office Compatibility Pack for Word, Excel, y PowerPoint 2007 File Formats SP1 y SP2, Expression Web, Expression Web v2, Groove 2007 Gold y SP1, Works v8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 y SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold y SP1, y Forefront Client Security v1.0 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero de imagen PNG manipulado, tambi\u00e9n conocido como \"Vulnerabilidad de desbordamiento de b\u00fafer basado en pila GDI+ PNG\"."
    }
  ],
  "id": "CVE-2009-2501",
  "lastModified": "2024-11-21T01:05:01.767",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-10-14T10:30:01.360",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5800"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2024-11-21 01:06
Severity ?
Summary
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability."
References
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6134
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6134
Impacted products
Vendor Product Version
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_2000 *
microsoft .net_framework 1.1
microsoft .net_framework 2.0
microsoft .net_framework 2.0
microsoft internet_explorer 6
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server_reporting_services 2000
microsoft excel_viewer 2003
microsoft excel_viewer 2003
microsoft expression_web *
microsoft expression_web 2
microsoft office 2003
microsoft office 2007
microsoft office 2007
microsoft office xp
microsoft office_compatibility_pack 2007
microsoft office_compatibility_pack 2007
microsoft office_excel_viewer *
microsoft office_groove 2007
microsoft office_groove 2007
microsoft office_powerpoint_viewer *
microsoft office_powerpoint_viewer 2007
microsoft office_powerpoint_viewer 2007
microsoft office_word_viewer *
microsoft project 2002
microsoft visio 2002
microsoft word_viewer 2003
microsoft word_viewer 2003
microsoft works 8.5
microsoft platform_sdk *
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft visual_studio 2008
microsoft visual_studio 2008
microsoft visual_studio_.net 2003
microsoft visual_studio_.net 2005
microsoft forefront_client_security 1.0
microsoft visual_foxpro 8.0
microsoft visual_foxpro 9.0
microsoft windows_2000 *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*",
              "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
              "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EF6C51-17EA-43E4-84BA-08CE705C2D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "7ADB520B-B847-4855-95B1-6CEA36D66C07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "93B86335-EF14-4E4F-B192-2A5323A47D31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:itanium:*:*:*:*:*",
              "matchCriteriaId": "AA80EDC4-4E84-40BE-86D5-1825AFA85390",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:x64:*:*:*:*:*",
              "matchCriteriaId": "0F3BF09C-04D2-4367-BE58-72AD396B4110",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "AE2F0B8B-0600-4324-93A9-07DBE97E1BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2876FC23-21A0-4F56-B0D9-11187173F7D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6761A1C-EC1C-4B00-8126-D58DAB51267A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "08AF794A-435D-4171-9DBB-EB7FAED96DBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FA62BE-D804-402D-9BDD-68BC70ECCD76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C5C94F2C-786B-45E4-B80A-FC668D917014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "A4B44889-AEEB-4713-A047-C27B802DB257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2613CE-C469-43AE-A590-87CE1FAADA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "828A3CB6-EB0A-4CCD-B786-7316564EE40A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F646992A-D3B7-4474-8E0B-65B99086D844",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70B39422-2E91-4F2C-8338-8A9292956260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "7F9C3119-B118-41E2-9622-FD40C6CC4B6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "B55849C3-649E-487B-B702-E2F4B25ECAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E647A7B3-7A92-4584-BDA7-81752FF59411",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9B14AE8E-1BFF-4458-87CC-357957F18F8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "1889A686-9565-4958-99BB-2EC24ABDF272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "5D7B01AE-F457-45C1-8A37-7ED65CAF8638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:works:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83EE0CCD-69AD-4705-9BB0-24688F7957F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:platform_sdk:*:*:redistrutable_gdi\\+:*:*:*:*:*",
              "matchCriteriaId": "5E9AC6E2-D6C2-48E1-87C5-86470AC622DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED077FFC-EBCC-4CD9-BF0E-0286B99C1965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9AB2C8C4-7E86-4736-9CE4-2E65E4EDBF02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F40C30AF-7D70-4FE8-B7D1-F4734F791664",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "E5DE8B76-FA09-4EA2-9535-758C56C4C099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5E711CC3-9094-4C54-A794-9C7A3E7F4AFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka \"GDI+ PNG Integer Overflow Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en GDI+ en Microsoft Internet Explorer v6 SP1, Windows XP SP2 y SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 y SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold y SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, y SP2, Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP1 y SP2, Expression Web, Expression Web v2, Groove 2007 Gold y SP1, Works v8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 y SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold y SP1, y Forefront Client Security v1.0 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una fichero de imagen PNG manipulada, tambi\u00e9n conocido como \"Vulnerabilidad de desbordamiento de entero GDI+ PNG\""
    }
  ],
  "id": "CVE-2009-3126",
  "lastModified": "2024-11-21T01:06:36.703",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-10-14T10:30:01.843",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6134"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6134"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-09-11 01:11
Modified
2024-11-21 00:48
Severity ?
Summary
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 does not properly perform memory allocation, which allows remote attackers to execute arbitrary code via a malformed EMF image file, aka "GDI+ EMF Memory Corruption Vulnerability."
References
secure@microsoft.comhttp://marc.info/?l=bugtraq&m=122235754013992&w=2
secure@microsoft.comhttp://marc.info/?l=bugtraq&m=122235754013992&w=2
secure@microsoft.comhttp://secunia.com/advisories/32154
secure@microsoft.comhttp://www.securityfocus.com/bid/31019
secure@microsoft.comhttp://www.securitytracker.com/id?1020835
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA08-253A.htmlUS Government Resource
secure@microsoft.comhttp://www.vupen.com/english/advisories/2008/2520
secure@microsoft.comhttp://www.vupen.com/english/advisories/2008/2696
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6040
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122235754013992&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122235754013992&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32154
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31019
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020835
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA08-253A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2520
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2696
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6040
Impacted products
Vendor Product Version
microsoft digital_image_suite 2006
microsoft forefront_client_security 1.0
microsoft internet_explorer 6
microsoft office 2003
microsoft office 2003
microsoft office xp
microsoft office_powerpoint_viewer 2003
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft server 2008
microsoft sql_server 2005
microsoft sql_server_reporting_services 2000
microsoft visio 2002
microsoft works 8.0
microsoft office_system *
microsoft office_system *
microsoft windows 2003_server
microsoft windows 2003_server
microsoft windows-nt vista
microsoft windows-nt xp
microsoft windows_vista -
microsoft windows_xp -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:digital_image_suite:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "24F42695-7FB7-4C43-A9A7-8A234B6E5937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "07D3F3E4-93FB-481A-94D9-075E726697C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5440EF5-462B-4BAC-AF60-44C5D649D0D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "033138E1-82C7-443C-89C1-23D8032674CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E84216-227B-4074-B65B-6AA399D4A8DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:server:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE680C6-F940-4095-BDD5-05CBD8DA14DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:works:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "293914AF-6101-4F50-9560-A4EA99D767C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:office_system:*:gold:*:*:*:*:*:*",
              "matchCriteriaId": "D08AE69C-A8E4-4291-AE45-C311BA8168D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:office_system:*:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9E27318C-A079-40D4-8994-96C6809CA1FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:2003_server:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "CFC4CDAF-F0C4-4B7D-9692-5E73C489F5A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:2003_server:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "6265A492-BDB8-4A41-A5D1-9947C8EF002E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows-nt:vista:*:gold:*:*:*:*:*",
              "matchCriteriaId": "85442DDD-DFB0-455D-8078-EFE49ABC60B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "73AED29E-B778-4186-8968-EB608E34E540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 does not properly perform memory allocation, which allows remote attackers to execute arbitrary code via a malformed EMF image file, aka \"GDI+ EMF Memory Corruption Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "gdiplus.dll en GDI+ de Microsoft Internet Explorer 6 SP1, Windows XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, Server 2008, Office XP SP3, Office 2003 SP2 y SP3, 2007 Microsoft Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008 y Forefront Client Security 1.0 no realiza correctamente la asignaci\u00f3n de memoria, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo de imagen EMF mal formado, tambi\u00e9n conocido como \"GDI+ EMF Memory Corruption Vulnerability (Vulnerabilidad de Corrupci\u00f3n de Memoria GDI+EMF)\"."
    }
  ],
  "id": "CVE-2008-3012",
  "lastModified": "2024-11-21T00:48:13.687",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-09-11T01:11:47.087",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/32154"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/31019"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securitytracker.com/id?1020835"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2008/2520"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2008/2696"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020835"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2520"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6040"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2024-11-21 01:05
Severity ?
Summary
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability."
References
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5967
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5967
Impacted products
Vendor Product Version
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_2000 *
microsoft .net_framework 1.1
microsoft .net_framework 2.0
microsoft .net_framework 2.0
microsoft internet_explorer 6
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server_reporting_services 2000
microsoft excel_viewer 2003
microsoft excel_viewer 2003
microsoft expression_web *
microsoft expression_web 2
microsoft office 2003
microsoft office 2007
microsoft office 2007
microsoft office xp
microsoft office_compatibility_pack 2007
microsoft office_compatibility_pack 2007
microsoft office_excel_viewer *
microsoft office_groove 2007
microsoft office_groove 2007
microsoft office_powerpoint_viewer *
microsoft office_powerpoint_viewer 2007
microsoft office_powerpoint_viewer 2007
microsoft office_word_viewer *
microsoft project 2002
microsoft visio 2002
microsoft word_viewer 2003
microsoft word_viewer 2003
microsoft works 8.5
microsoft platform_sdk *
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft visual_studio 2008
microsoft visual_studio 2008
microsoft visual_studio_.net 2003
microsoft visual_studio_.net 2005
microsoft forefront_client_security 1.0
microsoft visual_foxpro 8.0
microsoft visual_foxpro 9.0
microsoft windows_2000 *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*",
              "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
              "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EF6C51-17EA-43E4-84BA-08CE705C2D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "7ADB520B-B847-4855-95B1-6CEA36D66C07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "93B86335-EF14-4E4F-B192-2A5323A47D31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:itanium:*:*:*:*:*",
              "matchCriteriaId": "AA80EDC4-4E84-40BE-86D5-1825AFA85390",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:x64:*:*:*:*:*",
              "matchCriteriaId": "0F3BF09C-04D2-4367-BE58-72AD396B4110",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "AE2F0B8B-0600-4324-93A9-07DBE97E1BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2876FC23-21A0-4F56-B0D9-11187173F7D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6761A1C-EC1C-4B00-8126-D58DAB51267A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "08AF794A-435D-4171-9DBB-EB7FAED96DBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FA62BE-D804-402D-9BDD-68BC70ECCD76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C5C94F2C-786B-45E4-B80A-FC668D917014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "A4B44889-AEEB-4713-A047-C27B802DB257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2613CE-C469-43AE-A590-87CE1FAADA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "828A3CB6-EB0A-4CCD-B786-7316564EE40A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F646992A-D3B7-4474-8E0B-65B99086D844",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70B39422-2E91-4F2C-8338-8A9292956260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "7F9C3119-B118-41E2-9622-FD40C6CC4B6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "B55849C3-649E-487B-B702-E2F4B25ECAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E647A7B3-7A92-4584-BDA7-81752FF59411",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9B14AE8E-1BFF-4458-87CC-357957F18F8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "1889A686-9565-4958-99BB-2EC24ABDF272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "5D7B01AE-F457-45C1-8A37-7ED65CAF8638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:works:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83EE0CCD-69AD-4705-9BB0-24688F7957F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:platform_sdk:*:*:redistrutable_gdi\\+:*:*:*:*:*",
              "matchCriteriaId": "5E9AC6E2-D6C2-48E1-87C5-86470AC622DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED077FFC-EBCC-4CD9-BF0E-0286B99C1965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9AB2C8C4-7E86-4736-9CE4-2E65E4EDBF02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F40C30AF-7D70-4FE8-B7D1-F4734F791664",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "E5DE8B76-FA09-4EA2-9535-758C56C4C099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5E711CC3-9094-4C54-A794-9C7A3E7F4AFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka \"GDI+ WMF Integer Overflow Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en GDI+ en Microsoft Internet Explorer v6 SP1, Windows XP SP2 y SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 y SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold y SP3, Office Excel Viewer 2003 Gold y SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, y SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 y SP2, Expression Web, Expression Web 2, Groove 2007 Gold y SP1, Works v8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold y SP1, y Forefront Client Security v1.0 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero de imagen WMF, tambi\u00e9n conocido como \"Vulnerabilidad de desbordamiento de entero GDI+ WMF\""
    }
  ],
  "id": "CVE-2009-2500",
  "lastModified": "2024-11-21T01:05:01.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-10-14T10:30:01.327",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5967"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5967"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2024-11-21 01:05
Severity ?
Summary
Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability."
References
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6282
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6282
Impacted products
Vendor Product Version
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_2000 *
microsoft .net_framework 1.1
microsoft .net_framework 2.0
microsoft .net_framework 2.0
microsoft internet_explorer 6
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server_reporting_services 2000
microsoft excel_viewer 2003
microsoft excel_viewer 2003
microsoft expression_web *
microsoft expression_web 2
microsoft office 2003
microsoft office 2007
microsoft office 2007
microsoft office xp
microsoft office_compatibility_pack 2007
microsoft office_compatibility_pack 2007
microsoft office_excel_viewer *
microsoft office_groove 2007
microsoft office_groove 2007
microsoft office_powerpoint_viewer *
microsoft office_powerpoint_viewer 2007
microsoft office_powerpoint_viewer 2007
microsoft office_word_viewer *
microsoft project 2002
microsoft visio 2002
microsoft word_viewer 2003
microsoft word_viewer 2003
microsoft works 8.5
microsoft platform_sdk *
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft visual_studio 2008
microsoft visual_studio 2008
microsoft visual_studio_.net 2003
microsoft visual_studio_.net 2005
microsoft forefront_client_security 1.0
microsoft visual_foxpro 8.0
microsoft visual_foxpro 9.0
microsoft windows_2000 *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*",
              "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
              "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EF6C51-17EA-43E4-84BA-08CE705C2D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "7ADB520B-B847-4855-95B1-6CEA36D66C07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "93B86335-EF14-4E4F-B192-2A5323A47D31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:itanium:*:*:*:*:*",
              "matchCriteriaId": "AA80EDC4-4E84-40BE-86D5-1825AFA85390",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:x64:*:*:*:*:*",
              "matchCriteriaId": "0F3BF09C-04D2-4367-BE58-72AD396B4110",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "AE2F0B8B-0600-4324-93A9-07DBE97E1BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2876FC23-21A0-4F56-B0D9-11187173F7D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6761A1C-EC1C-4B00-8126-D58DAB51267A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "08AF794A-435D-4171-9DBB-EB7FAED96DBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FA62BE-D804-402D-9BDD-68BC70ECCD76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C5C94F2C-786B-45E4-B80A-FC668D917014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "A4B44889-AEEB-4713-A047-C27B802DB257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2613CE-C469-43AE-A590-87CE1FAADA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "828A3CB6-EB0A-4CCD-B786-7316564EE40A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F646992A-D3B7-4474-8E0B-65B99086D844",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70B39422-2E91-4F2C-8338-8A9292956260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "7F9C3119-B118-41E2-9622-FD40C6CC4B6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "B55849C3-649E-487B-B702-E2F4B25ECAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E647A7B3-7A92-4584-BDA7-81752FF59411",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9B14AE8E-1BFF-4458-87CC-357957F18F8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "1889A686-9565-4958-99BB-2EC24ABDF272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "5D7B01AE-F457-45C1-8A37-7ED65CAF8638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:works:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83EE0CCD-69AD-4705-9BB0-24688F7957F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:platform_sdk:*:*:redistrutable_gdi\\+:*:*:*:*:*",
              "matchCriteriaId": "5E9AC6E2-D6C2-48E1-87C5-86470AC622DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED077FFC-EBCC-4CD9-BF0E-0286B99C1965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9AB2C8C4-7E86-4736-9CE4-2E65E4EDBF02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F40C30AF-7D70-4FE8-B7D1-F4734F791664",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "E5DE8B76-FA09-4EA2-9535-758C56C4C099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5E711CC3-9094-4C54-A794-9C7A3E7F4AFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka \"GDI+ .NET API Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de enteros en las API no especificadas en GDI+ en .NET Framework versi\u00f3n 1.1 SP1, .NET Framework versi\u00f3n 2.0 SP1 y SP2, Windows XP SP2 y SP3, Windows Server 2003 SP2, Vista versi\u00f3n Gold y SP1, Server 2008 versi\u00f3n Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 y SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 versi\u00f3n Gold y SP3, Office Excel Viewer 2003 Gold y SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 versi\u00f3n Gold, SP1 y SP2, Office Compatibility Pack for Word, Excel and PowerPoint 2007 File Formats SP1 y SP2, Expression Web, Expression Web 2, Groove 2007 versi\u00f3n Gold y SP1, Works versi\u00f3n 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 y SP3, Report Viewer 2005 SP1, Report Viewer 2008 versi\u00f3n Gold y SP1 y Forefront Client Security versi\u00f3n 1.0, de Microsoft, permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de (1) una aplicaci\u00f3n de navegador XAML dise\u00f1ada (XBAP), (2) una aplicaci\u00f3n de ASP.NET dise\u00f1ada o (3) una aplicaci\u00f3n de .NET Framework dise\u00f1ada, tambi\u00e9n se conoce como \"GDI+ .NET API Vulnerability\"."
    }
  ],
  "id": "CVE-2009-2504",
  "lastModified": "2024-11-21T01:05:02.317",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-10-14T10:30:01.437",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6282"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-09-11 17:15
Modified
2024-11-21 05:09
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
<p>A security feature bypass vulnerability exists in SQL Server Reporting Services (SSRS) when the server improperly validates attachments uploaded to reports. An attacker who successfully exploited this vulnerability could upload file types that were disallowed by an administrator.</p> <p>To exploit the vulnerability, an authenticated attacker would need to send a specially crafted request to an affected SSRS server.</p> <p>The update addresses the vulnerability by modifying how SSRS validates attachment uploads.</p>
References
secure@microsoft.comhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1044Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1044Patch, Vendor Advisory
Impacted products
Vendor Product Version
microsoft sql_server_reporting_services 2017
microsoft sql_server_reporting_services 2019


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1A474BD-3D0F-4B62-B64D-4154A72DD160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "71090A71-B116-48E2-BB73-D29C8D817E68",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "\u003cp\u003eA security feature bypass vulnerability exists in SQL Server Reporting Services (SSRS) when the server improperly validates attachments uploaded to reports. An attacker who successfully exploited this vulnerability could upload file types that were disallowed by an administrator.\u003c/p\u003e\n\u003cp\u003eTo exploit the vulnerability, an authenticated attacker would need to send a specially crafted request to an affected SSRS server.\u003c/p\u003e\n\u003cp\u003eThe update addresses the vulnerability by modifying how SSRS validates attachment uploads.\u003c/p\u003e\n"
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de omisi\u00f3n de la caracter\u00edstica de seguridad en SQL Server Reporting Services (SSRS) cuando el servidor comprueba inapropiadamente los archivos adjuntos cargados en los reportes, tambi\u00e9n se conoce como \"SQL Server Reporting Services Security Feature Bypass Vulnerability\""
    }
  ],
  "id": "CVE-2020-1044",
  "lastModified": "2024-11-21T05:09:37.700",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "secure@microsoft.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Secondary"
      }
    ]
  },
  "published": "2020-09-11T17:15:18.260",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1044"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-09-11 01:11
Modified
2024-11-21 00:48
Severity ?
Summary
Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka "GDI+ BMP Integer Overflow Vulnerability."
References
secure@microsoft.comhttp://marc.info/?l=bugtraq&m=122235754013992&w=2
secure@microsoft.comhttp://marc.info/?l=bugtraq&m=122235754013992&w=2
secure@microsoft.comhttp://secunia.com/advisories/32154Vendor Advisory
secure@microsoft.comhttp://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt
secure@microsoft.comhttp://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt
secure@microsoft.comhttp://www.securityfocus.com/archive/1/496153/100/0/threaded
secure@microsoft.comhttp://www.securityfocus.com/bid/31022
secure@microsoft.comhttp://www.securitytracker.com/id?1020838
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA08-253A.htmlUS Government Resource
secure@microsoft.comhttp://www.vupen.com/english/advisories/2008/2520Vendor Advisory
secure@microsoft.comhttp://www.vupen.com/english/advisories/2008/2696Vendor Advisory
secure@microsoft.comhttp://www.zerodayinitiative.com/advisories/ZDI-08-055
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881
secure@microsoft.comhttps://www.exploit-db.com/exploits/6619
secure@microsoft.comhttps://www.exploit-db.com/exploits/6716
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122235754013992&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122235754013992&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32154Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt
af854a3a-2127-422b-91ae-364da2661108http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/496153/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31022
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020838
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA08-253A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2520Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2696Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.zerodayinitiative.com/advisories/ZDI-08-055
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/6619
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/6716
Impacted products
Vendor Product Version
microsoft digital_image_suite 2006
microsoft forefront_client_security 1.0
microsoft office 2003
microsoft office 2003
microsoft office 2007
microsoft office 2007
microsoft office xp
microsoft office_powerpoint_viewer 2003
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft sql_server 2005
microsoft sql_server_reporting_services 2000
microsoft visio 2002
microsoft works 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:digital_image_suite:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "24F42695-7FB7-4C43-A9A7-8A234B6E5937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "07D3F3E4-93FB-481A-94D9-075E726697C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:*:gold:*:*:*:*:*",
              "matchCriteriaId": "E438882E-1AAE-477E-B885-D4E95D2AE88A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5440EF5-462B-4BAC-AF60-44C5D649D0D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "033138E1-82C7-443C-89C1-23D8032674CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E84216-227B-4074-B65B-6AA399D4A8DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:works:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "293914AF-6101-4F50-9560-A4EA99D767C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka \"GDI+ BMP Integer Overflow Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de enteros en la biblioteca gdiplus.dll en GDI+ en Office XP SP3, Office 2003 SP2 y SP3, 2007, de Microsoft; Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2 , SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008, y Forefront Client Security versi\u00f3n 1.0, de Microsoft, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo de imagen BMP con una BitMapInfoHeader malformada que desencadena un desbordamiento de b\u00fafer, tambi\u00e9n se conoce como \"GDI+ BMP Integer Overflow Vulnerability.\""
    }
  ],
  "id": "CVE-2008-3015",
  "lastModified": "2024-11-21T00:48:14.060",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-09-11T01:11:47.147",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32154"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/archive/1/496153/100/0/threaded"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/31022"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securitytracker.com/id?1020838"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2520"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2696"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-055"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://www.exploit-db.com/exploits/6619"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://www.exploit-db.com/exploits/6716"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/496153/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2520"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/6619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/6716"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2024-11-21 01:05
Severity ?
Summary
GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."
References
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6426
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6426
Impacted products
Vendor Product Version
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_2000 *
microsoft .net_framework 1.1
microsoft .net_framework 2.0
microsoft .net_framework 2.0
microsoft internet_explorer 6
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server_reporting_services 2000
microsoft excel_viewer 2003
microsoft excel_viewer 2003
microsoft expression_web *
microsoft expression_web 2
microsoft office 2003
microsoft office 2007
microsoft office 2007
microsoft office xp
microsoft office_compatibility_pack 2007
microsoft office_compatibility_pack 2007
microsoft office_excel_viewer *
microsoft office_groove 2007
microsoft office_groove 2007
microsoft office_powerpoint_viewer *
microsoft office_powerpoint_viewer 2007
microsoft office_powerpoint_viewer 2007
microsoft office_word_viewer *
microsoft project 2002
microsoft visio 2002
microsoft word_viewer 2003
microsoft word_viewer 2003
microsoft works 8.5
microsoft platform_sdk *
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft visual_studio 2008
microsoft visual_studio 2008
microsoft visual_studio_.net 2003
microsoft visual_studio_.net 2005
microsoft forefront_client_security 1.0
microsoft visual_foxpro 8.0
microsoft visual_foxpro 9.0
microsoft windows_2000 *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*",
              "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
              "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EF6C51-17EA-43E4-84BA-08CE705C2D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "7ADB520B-B847-4855-95B1-6CEA36D66C07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "93B86335-EF14-4E4F-B192-2A5323A47D31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:itanium:*:*:*:*:*",
              "matchCriteriaId": "AA80EDC4-4E84-40BE-86D5-1825AFA85390",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:x64:*:*:*:*:*",
              "matchCriteriaId": "0F3BF09C-04D2-4367-BE58-72AD396B4110",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "AE2F0B8B-0600-4324-93A9-07DBE97E1BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2876FC23-21A0-4F56-B0D9-11187173F7D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6761A1C-EC1C-4B00-8126-D58DAB51267A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "08AF794A-435D-4171-9DBB-EB7FAED96DBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FA62BE-D804-402D-9BDD-68BC70ECCD76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C5C94F2C-786B-45E4-B80A-FC668D917014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "A4B44889-AEEB-4713-A047-C27B802DB257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2613CE-C469-43AE-A590-87CE1FAADA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "828A3CB6-EB0A-4CCD-B786-7316564EE40A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F646992A-D3B7-4474-8E0B-65B99086D844",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70B39422-2E91-4F2C-8338-8A9292956260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "7F9C3119-B118-41E2-9622-FD40C6CC4B6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "B55849C3-649E-487B-B702-E2F4B25ECAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E647A7B3-7A92-4584-BDA7-81752FF59411",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9B14AE8E-1BFF-4458-87CC-357957F18F8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "1889A686-9565-4958-99BB-2EC24ABDF272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "5D7B01AE-F457-45C1-8A37-7ED65CAF8638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:works:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83EE0CCD-69AD-4705-9BB0-24688F7957F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:platform_sdk:*:*:redistrutable_gdi\\+:*:*:*:*:*",
              "matchCriteriaId": "5E9AC6E2-D6C2-48E1-87C5-86470AC622DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED077FFC-EBCC-4CD9-BF0E-0286B99C1965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9AB2C8C4-7E86-4736-9CE4-2E65E4EDBF02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F40C30AF-7D70-4FE8-B7D1-F4734F791664",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "E5DE8B76-FA09-4EA2-9535-758C56C4C099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5E711CC3-9094-4C54-A794-9C7A3E7F4AFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka \"Memory Corruption Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "GDI+ en Microsoft Office XP SP3 no maneja adecuadamente los objetos mal formados en Office Art Property Tables, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento de Office manipulado que provoca una corrupci\u00f3n de memoria, \"tambi\u00e9n conocida como vulnerabilidad de corrupci\u00f3n de memoria\"."
    }
  ],
  "id": "CVE-2009-2528",
  "lastModified": "2024-11-21T01:05:05.200",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-10-14T10:30:01.703",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6426"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6426"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2024-11-21 01:05
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka "GDI+ TIFF Buffer Overflow Vulnerability."
References
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5898
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-286A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5898
Impacted products
Vendor Product Version
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_2003_server *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_server_2008 *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_vista *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_2000 *
microsoft .net_framework 1.1
microsoft .net_framework 2.0
microsoft .net_framework 2.0
microsoft internet_explorer 6
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server 2005
microsoft sql_server_reporting_services 2000
microsoft excel_viewer 2003
microsoft excel_viewer 2003
microsoft expression_web *
microsoft expression_web 2
microsoft office 2003
microsoft office 2007
microsoft office 2007
microsoft office xp
microsoft office_compatibility_pack 2007
microsoft office_compatibility_pack 2007
microsoft office_excel_viewer *
microsoft office_groove 2007
microsoft office_groove 2007
microsoft office_powerpoint_viewer *
microsoft office_powerpoint_viewer 2007
microsoft office_powerpoint_viewer 2007
microsoft office_word_viewer *
microsoft project 2002
microsoft visio 2002
microsoft word_viewer 2003
microsoft word_viewer 2003
microsoft works 8.5
microsoft platform_sdk *
microsoft report_viewer 2005
microsoft report_viewer 2008
microsoft report_viewer 2008
microsoft visual_studio 2008
microsoft visual_studio 2008
microsoft visual_studio_.net 2003
microsoft visual_studio_.net 2005
microsoft forefront_client_security 1.0
microsoft visual_foxpro 8.0
microsoft visual_foxpro 9.0
microsoft windows_2000 *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*",
              "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
              "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EF6C51-17EA-43E4-84BA-08CE705C2D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "7ADB520B-B847-4855-95B1-6CEA36D66C07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "93B86335-EF14-4E4F-B192-2A5323A47D31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:itanium:*:*:*:*:*",
              "matchCriteriaId": "AA80EDC4-4E84-40BE-86D5-1825AFA85390",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:x64:*:*:*:*:*",
              "matchCriteriaId": "0F3BF09C-04D2-4367-BE58-72AD396B4110",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "AE2F0B8B-0600-4324-93A9-07DBE97E1BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2876FC23-21A0-4F56-B0D9-11187173F7D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6761A1C-EC1C-4B00-8126-D58DAB51267A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "08AF794A-435D-4171-9DBB-EB7FAED96DBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*",
              "matchCriteriaId": "34FA62BE-D804-402D-9BDD-68BC70ECCD76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C5C94F2C-786B-45E4-B80A-FC668D917014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "A4B44889-AEEB-4713-A047-C27B802DB257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2613CE-C469-43AE-A590-87CE1FAADA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "828A3CB6-EB0A-4CCD-B786-7316564EE40A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_groove:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F646992A-D3B7-4474-8E0B-65B99086D844",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70B39422-2E91-4F2C-8338-8A9292956260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "7F9C3119-B118-41E2-9622-FD40C6CC4B6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "B55849C3-649E-487B-B702-E2F4B25ECAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E647A7B3-7A92-4584-BDA7-81752FF59411",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9B14AE8E-1BFF-4458-87CC-357957F18F8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "1889A686-9565-4958-99BB-2EC24ABDF272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "5D7B01AE-F457-45C1-8A37-7ED65CAF8638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:works:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83EE0CCD-69AD-4705-9BB0-24688F7957F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:platform_sdk:*:*:redistrutable_gdi\\+:*:*:*:*:*",
              "matchCriteriaId": "5E9AC6E2-D6C2-48E1-87C5-86470AC622DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*",
              "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED077FFC-EBCC-4CD9-BF0E-0286B99C1965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9AB2C8C4-7E86-4736-9CE4-2E65E4EDBF02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F40C30AF-7D70-4FE8-B7D1-F4734F791664",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "E5DE8B76-FA09-4EA2-9535-758C56C4C099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5E711CC3-9094-4C54-A794-9C7A3E7F4AFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka \"GDI+ TIFF Buffer Overflow Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en GDI+ en Microsoft Internet Explorer v6 SP1, Windows XP SP2 y SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 y SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold y SP3, Office Excel Viewer 2003 Gold y SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, y SP2, Office Compatibility Pack for Word, Excel, y PowerPoint 2007 File Formats SP1 y SP2, Expression Web, Expression Web v2, Groove 2007 Gold y SP1, Works v8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 y SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold y SP1, y Forefront Client Security v1.0 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero de imagen TIFF manipulado, tambi\u00e9n conocido como \"Vulnerabilidad de desbordamiento de b\u00fafer GDI+ TIFF\"."
    }
  ],
  "id": "CVE-2009-2502",
  "lastModified": "2024-11-21T01:05:01.900",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2009-10-14T10:30:01.390",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5898"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}