Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2245

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-2245
Last Modified 17 Oct 2011 12:00:00
Published 12 Aug 2008 08:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2245

Summary

Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2003 Server

  • Microsoft Windows Xp


References

CERT-VN - VU#309739

CERT - TA08-225A

BID - 30594

MS - MS08-046

SECUNIA - 31385

VUPEN - ADV-2008-2350

SECTRACK - 1020675

MILW0RM - 6732

HP - HPSBST02360

IDEFENSE - 20080812 Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability

HP - SSRT080117


Last Updated: 27 May 2016 10:47:28