|
|
CVE Reference: CVE-2007-3034 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3034 |
|
|
Description: Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow. |
|
|
CVE Status: Candidate |
|
|
References: ST 1018563 SAID Secunia Advisory: SA26423 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2088 MS http://www.microsoft.com/technet/security/bulletin/ms07-046.mspx CERT-VN 640136 CERT http://www.us-cert.gov/cas/techalerts/TA07-226A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/476505/100/0/threaded BID 25302 |
|
| Return to the previous page. |
