Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
20 Nov 2024, 23:47
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=109524346729948&w=2 - | |
References | () http://www.kb.cert.org/vuls/id/297462 - US Government Resource | |
References | () http://www.us-cert.gov/cas/techalerts/TA04-260A.html - US Government Resource | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/16304 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1105 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1721 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2706 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3038 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3082 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3320 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3810 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3881 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4003 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4216 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4307 - |
Information
Published : 2004-09-28 04:00
Updated : 2024-11-20 23:47
NVD link : CVE-2004-0200
Mitre link : CVE-2004-0200
CVE.ORG link : CVE-2004-0200
JSON object : View
Products Affected
microsoft
- visio
- digital_image_pro
- visual_c\#
- visual_basic
- excel
- infopath
- windows_2003_server
- office
- word
- digital_image_suite
- visual_studio_.net
- onenote
- .net_framework
- project
- publisher
- visual_j\#_.net
- windows_xp
- powerpoint
- producer
- picture_it
- visual_c\+\+
- outlook
- frontpage
- greetings
CWE