Info

Disclosure

Apr 08, 2008

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Apr 08, 2008

Description

A buffer overflow exists in Windows. GDI fails to validate EMF files resulting in a stack overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Local Access Required, Remote / Network Access, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public, Exploit Unknown
Disclosure: Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerabilitty.

Products

Microsoft Corporation	Windows	XP SP2
		2003 Server SP1
		2003 Server SP2
		2003 Server x64
		2000 SP4
		Vista
		2003 Server for Itanium
		Vista SP1
		2008 Server
		XP Pro x64
		2003 Server x64
		2003 Server x64 SP2
		2003 Server for Itanium SP2
		XP Pro x64 SP2
		Vista x64
		Vista x64 SP1

References

Security Tracker: 1019798
CVE ID: 2008-1087 (see also: NVD)
Bugtraq ID: 28570
Secunia Advisory ID: 29704
Related OSVDB ID: 44213
Exploit Database: 5442
Milw0rm: 5442
Microsoft Knowledge Base Article: 948590
VUPEN Advisory: ADV-2008-1145
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2008-04/0225.html
Microsoft Security Bulletin: MS08-021

Credit

Yamata Li - Palo Alto Networks

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Windows

References

Credit