|
 |
|
Microsoft Multiple Products JPEG Processing Buffer Overflow Vulnerability
|
|
|
|
|
Secunia Advisory:
|
SA12528
|
|
|
Release Date:
|
2004-09-14
|
|
Last Update:
|
2004-12-15
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
|
| | Software: | Microsoft .NET Framework 1.x
Microsoft Digital Image Pro 7.x
Microsoft Digital Image Pro 9.x
Microsoft Digital Image Suite 9.x
Microsoft Frontpage 2002
Microsoft Greetings 2002
Microsoft Internet Explorer 6.x
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office XP
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Picture It! 2002
Microsoft Picture It! 7.x
Microsoft Picture It! 9.x
Microsoft PowerPoint 2002
Microsoft Producer for Microsoft Office PowerPoint 2003
Microsoft Project 2002
Microsoft Project 2003
Microsoft Publisher 2002
Microsoft Visio 2002
Microsoft Visio 2003
Microsoft Visual FoxPro 8.x
Microsoft Visual Studio .NET 2002
Microsoft Visual Studio .NET 2003
Microsoft Word 2002
|
| | CVE reference: | CVE-2004-0200 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
Nick DeBaggis has reported a vulnerability in multiple Microsoft products, which can be exploited by malicious people to compromise a user's system.
The vulnerability in caused due to a boundary error within the GDI+ JPEG Parsing component (Gdiplus.dll). This can be exploited to cause a buffer overflow by tricking a user into viewing a specially crafted JPEG image with any application using the vulnerable component for JPEG image processing.
Successful exploitation allows execution of arbitrary code with the privileges of the user.
The following products are affected:
* Microsoft Windows XP and Microsoft Windows XP Service Pack 1
* Microsoft Windows XP 64-Bit Edition Service Pack 1
* Microsoft Windows XP 64-Bit Edition Version 2003
* Microsoft Windows Server 2003
* Microsoft Windows Server 2003 64-Bit Edition
* Microsoft Office XP Service Pack 3
* Microsoft Office 2003
* Microsoft Project 2002 Service Pack 1 (all versions)
* Microsoft Project 2003 (all versions)
* Microsoft Visio 2002 Service Pack 2 (all versions)
* Microsoft Visio 2003 (all versions)
* Microsoft Visual Studio .NET 2002
* Microsoft Visual Studio .NET 2003
* Microsoft .NET Framework version 1.0 SDK Service Pack 2
* Microsoft Picture It! 2002 (all versions)
* Microsoft Greetings 2002
* Microsoft Picture It! version 7.0 (all versions)
* Microsoft Digital Image Pro version 7.0
* Microsoft Picture It! version 9 (all versions, including Picture It! Library)
* Microsoft Digital Image Pro version 9
* Microsoft Digital Image Suite version 9
* Microsoft Producer for Microsoft Office PowerPoint (all versions)
* Microsoft Platform SDK Redistributable: GDI+
* Internet Explorer 6 Service Pack 1
* Microsoft .NET Framework version 1.0 Service Pack 2
* Microsoft .NET Framework version 1.1
* Microsoft Visual FoxPro 8.0
* Microsoft Visual FoxPro 8.0 Runtime Library
NOTE: Office 2003 Service Pack 1, Visio 2003 Service Pack 1, and Project 2003 Service Pack 1 are NOT affected. Also note that Windows XP Service Pack 2 is NOT vulnerable, but systems running this version may still be affected if a vulnerable Office, Visio, or Project application is installed.
NOTE: Systems may also still be vulnerable if an installed third party application has installed the vulnerable component and uses it for JPEG image processing.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, using the Network Software Inspector.
Solution:
Microsoft has issued patches (see original vendor advisory).
Provided and/or discovered by:
Nick DeBaggis
Changelog:
2004-09-15: Added link to US-CERT vulnerability note.
2004-12-15: Vendor issues security updates for Microsoft .NET Framework version 1.0 Service Pack 2, Microsoft .NET Framework version 1.1, Visual FoxPro 8.0, and Visual FoxPro 8.0 Runtime Library.
Original Advisory:
MS04-028 (KB833987):
http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx
Other References:
KB article describing a tool, which can identify vulnerable components on a system:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;873374
US-CERT VU#297462:
http://www.kb.cert.org/vuls/id/297462
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
429 Related Secunia Security Advisories, displaying 10
|
|
|
1. Microsoft Windows XP I2O Utility Filter Driver Privilege Escalation
|
|
2. Microsoft Publisher Object Handler Validation Vulnerability
|
|
3. Microsoft Word Two Code Execution Vulnerabilities
|
|
4. Internet Explorer "Print Table of Links" Cross-Zone Scripting
|
|
5. Microsoft Windows Privilege Escalation Vulnerability
|
|
6. Microsoft Windows Kernel Privilege Escalation Vulnerability
|
|
7. Microsoft Windows hxvz.dll ActiveX Control Memory Corruption
|
|
8. Microsoft VBScript/JScript Script Decoding Buffer Overflow
|
|
9. Microsoft Windows GDI Image Parsing Buffer Overflows
|
|
10. Microsoft Windows DNS Client Predictable Transaction ID Vulnerability
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
