Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1087

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-1087
Last Modified 07 Mar 2011 10:05:55
Published 08 Apr 2008 07:05:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1087

Summary

Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflow Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2003 Server

  • Microsoft Windows Vista

  • Microsoft Windows Xp

  • Microsoft Windows-nt 2008

  • Microsoft Windows-nt Vista


References

CERT - TA08-099A

BID - 28570

VUPEN - ADV-2008-1145

SECTRACK - 1019798

MILW0RM - 6656

MS - MS08-021

SECUNIA - 29704

HP - HPSBST02329

OSVDB - 44215

MILW0RM - 5442

HP - SSRT080048


Last Updated: 27 May 2016 10:47:01