OSVDB ID: 44213

Title: Microsoft Windows GDI (gdi32.dll) EMF File Handling Multiple Overflows

Info

Disclosure

Apr 08, 2008

Discovery

Dec 17, 2008

Dates

Exploit

Unknown

Solution

Apr 08, 2008

Description

A heap overflow overflow exists in Windows. gdi32.dll fails to validate EMF files resulting in a heap overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Local Access Required, Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch
Exploit: Exploit Available
Disclosure: Vendor Verified
OSVDB: Context Dependent

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Windows	XP SP2
		XP Pro x64
		2003 Server x64
		2000 SP4
		Vista
		Vista x64 Edition
		2003 Server for Itanium
		2003 Server SP1
		XP Pro SP2 x64
		2003 Server SP2
		2003 Server SP2 x64
		2003 Server SP2 for Itanium
		Vista SP1
		Vista SP1 x64 Edition
		2008 Server

References

FrSIRT Advisory: ADV-2008-1145
Bugtraq ID: 28571
Microsoft Knowledge Base Article: 948590
Microsoft Security Bulletin: MS08-021
Related OSVDB ID: 44214 44215
Milw0rm: 5442
Other Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=681
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=682
ISS X-Force ID: 41471
Secunia Advisory ID: 29704
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0188.html
http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0189.html
CVE ID: 2008-1083 (see also: NVD)
Security Tracker: 1019798

Credit

Jun Mao - iDefense Labs

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Windows

References

Credit