CVE-2004-0200 - Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI

CVE-2004-0200

Summary

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.

References

Vulnerable Configurations

cpe:2.3:a:microsoft:.net_framework:1.0:sp2:sdk:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework:1.0:sp2:sdk:*:*:*:*:*
cpe:2.3:a:microsoft:digital_image_pro:7.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:digital_image_pro:7.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:digital_image_pro:9:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:digital_image_pro:9:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:digital_image_suite:9:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:digital_image_suite:9:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:frontpage:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:frontpage:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:frontpage:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:frontpage:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:greetings:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:greetings:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:infopath:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:infopath:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:onenote:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:onenote:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:picture_it:7.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:picture_it:7.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:picture_it:9:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:picture_it:9:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:picture_it:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:picture_it:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:producer:*:gold:office_powerpoints:*:*:*:*:*
cpe:2.3:a:microsoft:producer:*:gold:office_powerpoints:*:*:*:*:*
cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:publisher:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:publisher:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:publisher:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:publisher:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_basic:2002:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_basic:2002:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_basic:2003:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_basic:2003:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_c\#:2002:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_c\#:2002:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_c\#:2003:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_c\#:2003:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_c\+\+:2002:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_c\+\+:2002:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_c\+\+:2003:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_c\+\+:2003:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_j\#_.net:2003:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_j\#_.net:2003:*:.net_standard:*:*:*:*:*
cpe:2.3:a:microsoft:visual_studio_.net:2002:gold:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_studio_.net:2002:gold:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_studio_.net:2003:gold:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_studio_.net:2003:gold:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2003:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*

CVSS

Base:	9.3 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

oval via4

accepted

2006-01-04T08:04:00.000-04:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.

description

family

windows

oval:org.mitre.oval:def:1105

status

accepted

submitted

2004-09-20T03:22:00.000-04:00

title

GDI+ JPEG Parsing Engine Buffer Overflow (Server 2003)

version

accepted

2014-01-20T04:00:16.348-05:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.
name John Hoyland
organization Centennial Software
name John Hoyland
organization Centennial Software
name Maria Kedovskaya
organization ALTX-SOFT

description

family

windows

oval:org.mitre.oval:def:1721

status

accepted

submitted

2004-09-24T04:32:00.000-04:00

title

GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2003)

version

accepted

2012-05-28T04:01:36.867-04:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.
name Robert L. Hollis
organization ThreatGuard, Inc.
name Jonathan Baker
organization The MITRE Corporation
name Shane Shaffer
organization G2, Inc.

definition_extensions

comment	Microsoft Office 2003 is installed
oval	oval:org.mitre.oval:def:233

description

family

windows

oval:org.mitre.oval:def:2706

status

accepted

submitted

2004-09-24T12:00:00.000-04:00

title

GDI+ JPEG Parsing Engine Buffer Overflow (Office 2003)

version

accepted

2006-01-12T08:59:00.000-04:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.

description

family

windows

oval:org.mitre.oval:def:3038

status

accepted

submitted

2004-09-27T12:00:00.000-04:00

title

GDI+ JPEG Parsing Engine Buffer Overflow (Project 2002,SP1)

version

accepted

2006-01-12T08:59:00.000-04:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.

description

family

windows

oval:org.mitre.oval:def:3082

status

accepted

submitted

2004-09-27T12:00:00.000-04:00

title

GDI+ JPEG Parsing Engine Buffer Overflow (Visio Pro 2002)

version

accepted

2007-07-03T14:05:59.508-04:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.
name Robert L. Hollis
organization ThreatGuard, Inc.

definition_extensions

comment	Microsoft Office Visio 2003 is installed
oval	oval:org.mitre.oval:def:1450

description

family

windows

oval:org.mitre.oval:def:3320

status

accepted

submitted

2004-09-27T12:00:00.000-04:00

title

GDI+ JPEG Parsing Engine Buffer Overflow Microsoft Office Visio Pro 2003

version

accepted

2006-01-12T08:59:00.000-04:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.

description

family

windows

oval:org.mitre.oval:def:3810

status

accepted

submitted

2004-09-24T12:00:00.000-04:00

title

GDI+ JPEG Parsing Engine Buffer Overflow (Project 2003)

version

accepted

2006-01-12T08:59:00.000-04:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.

description

family

windows

oval:org.mitre.oval:def:3881

status

accepted

submitted

2004-10-04T12:00:00.000-04:00

title

GDI+ JPEG Parsing Engine Buffer Overflow (Office XP,SP2)

version

accepted

2006-01-12T08:59:00.000-04:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.

description

family

windows

oval:org.mitre.oval:def:4003

status

accepted

submitted

2004-09-20T03:32:00.000-04:00

title

GDI+ JPEG Parsing Engine Buffer Overflow (Windows XP)

version

accepted

2014-02-24T04:03:18.221-05:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.
name Robert L. Hollis
organization ThreatGuard, Inc.
name Clifford Farrugia
organization GFI Software
name Maria Mikhno
organization ALTX-SOFT

description

family

windows

oval:org.mitre.oval:def:4216

status

accepted

submitted

2004-10-04T09:55:00.000-04:00

title

GDI+ JPEG Parsing Engine Buffer Overflow (IE6)

version

accepted

2014-01-20T04:01:19.269-05:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name Robert L. Hollis
organization ThreatGuard, Inc.
name John Hoyland
organization Centennial Software
name John Hoyland
organization Centennial Software
name Maria Kedovskaya
organization ALTX-SOFT

description

family

windows

oval:org.mitre.oval:def:4307

status

accepted

submitted

2004-09-30T11:37:00.000-04:00

title

GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2002)

version

refmap via4

bugtraq	20040914 Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow
cert	TA04-260A
cert-vn	VU#297462
xf	win-jpeg-bo(16304)

Last major update

30-10-2018 - 16:25

Published

28-09-2004 - 04:00

Last modified

30-10-2018 - 16:25