ID CVE-2004-0200
Summary Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:.net_framework:1.0:sp2:sdk:*:*:*:*:*
    cpe:2.3:a:microsoft:.net_framework:1.0:sp2:sdk:*:*:*:*:*
  • cpe:2.3:a:microsoft:digital_image_pro:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:digital_image_pro:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:digital_image_pro:9:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:digital_image_pro:9:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:digital_image_suite:9:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:digital_image_suite:9:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:excel:2002:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:excel:2002:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:excel:2003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:excel:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:frontpage:2002:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:frontpage:2002:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:frontpage:2003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:frontpage:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:greetings:2002:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:greetings:2002:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:infopath:2003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:infopath:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:onenote:2003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:onenote:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:outlook:2003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:outlook:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:picture_it:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:picture_it:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:picture_it:9:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:picture_it:9:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:picture_it:2002:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:picture_it:2002:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:powerpoint:2002:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:powerpoint:2002:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:powerpoint:2003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:powerpoint:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:producer:*:gold:office_powerpoints:*:*:*:*:*
    cpe:2.3:a:microsoft:producer:*:gold:office_powerpoints:*:*:*:*:*
  • cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:project:2003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:project:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:publisher:2002:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:publisher:2002:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:publisher:2003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:publisher:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visio:2003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visio:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_basic:2002:*:.net_standard:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_basic:2002:*:.net_standard:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_basic:2003:*:.net_standard:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_basic:2003:*:.net_standard:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_c\#:2002:*:.net_standard:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_c\#:2002:*:.net_standard:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_c\#:2003:*:.net_standard:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_c\#:2003:*:.net_standard:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_c\+\+:2002:*:.net_standard:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_c\+\+:2002:*:.net_standard:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_c\+\+:2003:*:.net_standard:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_c\+\+:2003:*:.net_standard:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_j\#_.net:2003:*:.net_standard:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_j\#_.net:2003:*:.net_standard:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_.net:2002:gold:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_.net:2002:gold:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_.net:2003:gold:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_.net:2003:gold:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:word:2003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:word:2003:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
CVSS
Base: 9.3 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2006-01-04T08:04:00.000-04:00
    class vulnerability
    contributors
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    description Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family windows
    id oval:org.mitre.oval:def:1105
    status accepted
    submitted 2004-09-20T03:22:00.000-04:00
    title GDI+ JPEG Parsing Engine Buffer Overflow (Server 2003)
    version 64
  • accepted 2014-01-20T04:00:16.348-05:00
    class vulnerability
    contributors
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name John Hoyland
      organization Centennial Software
    • name John Hoyland
      organization Centennial Software
    • name Maria Kedovskaya
      organization ALTX-SOFT
    description Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family windows
    id oval:org.mitre.oval:def:1721
    status accepted
    submitted 2004-09-24T04:32:00.000-04:00
    title GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2003)
    version 34
  • accepted 2012-05-28T04:01:36.867-04:00
    class vulnerability
    contributors
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Jonathan Baker
      organization The MITRE Corporation
    • name Shane Shaffer
      organization G2, Inc.
    definition_extensions
    comment Microsoft Office 2003 is installed
    oval oval:org.mitre.oval:def:233
    description Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family windows
    id oval:org.mitre.oval:def:2706
    status accepted
    submitted 2004-09-24T12:00:00.000-04:00
    title GDI+ JPEG Parsing Engine Buffer Overflow (Office 2003)
    version 8
  • accepted 2006-01-12T08:59:00.000-04:00
    class vulnerability
    contributors
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    description Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family windows
    id oval:org.mitre.oval:def:3038
    status accepted
    submitted 2004-09-27T12:00:00.000-04:00
    title GDI+ JPEG Parsing Engine Buffer Overflow (Project 2002,SP1)
    version 7
  • accepted 2006-01-12T08:59:00.000-04:00
    class vulnerability
    contributors
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    description Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family windows
    id oval:org.mitre.oval:def:3082
    status accepted
    submitted 2004-09-27T12:00:00.000-04:00
    title GDI+ JPEG Parsing Engine Buffer Overflow (Visio Pro 2002)
    version 8
  • accepted 2007-07-03T14:05:59.508-04:00
    class vulnerability
    contributors
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    definition_extensions
    comment Microsoft Office Visio 2003 is installed
    oval oval:org.mitre.oval:def:1450
    description Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family windows
    id oval:org.mitre.oval:def:3320
    status accepted
    submitted 2004-09-27T12:00:00.000-04:00
    title GDI+ JPEG Parsing Engine Buffer Overflow Microsoft Office Visio Pro 2003
    version 10
  • accepted 2006-01-12T08:59:00.000-04:00
    class vulnerability
    contributors
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    description Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family windows
    id oval:org.mitre.oval:def:3810
    status accepted
    submitted 2004-09-24T12:00:00.000-04:00
    title GDI+ JPEG Parsing Engine Buffer Overflow (Project 2003)
    version 7
  • accepted 2006-01-12T08:59:00.000-04:00
    class vulnerability
    contributors
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    description Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family windows
    id oval:org.mitre.oval:def:3881
    status accepted
    submitted 2004-10-04T12:00:00.000-04:00
    title GDI+ JPEG Parsing Engine Buffer Overflow (Office XP,SP2)
    version 7
  • accepted 2006-01-12T08:59:00.000-04:00
    class vulnerability
    contributors
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    description Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family windows
    id oval:org.mitre.oval:def:4003
    status accepted
    submitted 2004-09-20T03:32:00.000-04:00
    title GDI+ JPEG Parsing Engine Buffer Overflow (Windows XP)
    version 64
  • accepted 2014-02-24T04:03:18.221-05:00
    class vulnerability
    contributors
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Clifford Farrugia
      organization GFI Software
    • name Maria Mikhno
      organization ALTX-SOFT
    description Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family windows
    id oval:org.mitre.oval:def:4216
    status accepted
    submitted 2004-10-04T09:55:00.000-04:00
    title GDI+ JPEG Parsing Engine Buffer Overflow (IE6)
    version 10
  • accepted 2014-01-20T04:01:19.269-05:00
    class vulnerability
    contributors
    • name Ingrid Skoog
      organization The MITRE Corporation
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name John Hoyland
      organization Centennial Software
    • name John Hoyland
      organization Centennial Software
    • name Maria Kedovskaya
      organization ALTX-SOFT
    description Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family windows
    id oval:org.mitre.oval:def:4307
    status accepted
    submitted 2004-09-30T11:37:00.000-04:00
    title GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2002)
    version 33
refmap via4
bugtraq 20040914 Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow
cert TA04-260A
cert-vn VU#297462
ms MS04-028
xf win-jpeg-bo(16304)
Last major update 30-10-2018 - 16:25
Published 28-09-2004 - 04:00
Back to Top