Vulnerability Note VU#297462
Microsoft Windows GDI+ contains a buffer overflow vulnerability in the JPEG parsing component
Overview
A buffer overflow vulnerability in the Microsoft Windows GDI+ JPEG parsing component could allow a remote attacker to execute arbitrary code on a vulnerable system.
Description
Microsoft Windows Graphics Device Interface (GDI+) is an application programming interface (API) that provides programmers the ability to display information on screens and printers. GDI+ includes the ability to process JPEG image files. There is a buffer overflow vulnerability in the way the JPEG parsing component of GDI+ (Gdiplus.dll) handles malformed JPEG images. By introducing a specially crafted JPEG file to the vulnerable component, a remote attacker could trigger a buffer overflow condition.
Microsoft notes that Windows XP, Windows XP Service Pack 1, and Windows Server 2003 provide the operating system version of the affected component. For backward compatibility, some third-party applications may install their own copy of the affected component. These include Office XP, Visio 2002, Project 2002, Office 2003, Visio 2003, and Project 2003.
If any of these applications are installed on your system, you should apply the patch for these applications. If you use Windows XP, Windows XP Service Pack 1, or Windows Server 2003, you must also install the operating system patch.
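Because applications may install their own copy of Gdiplus.dll, patch verification has to cover every copy on disk and not only the operating system's. The following is an added example, not part of the original note or any Microsoft tooling: it lists each copy with its file version and SHA-256 and marks whether it sits under the Windows directory. The function names and the method of reading the version by scanning for the VS_FIXEDFILEINFO signature are assumptions of this example.

```python
import hashlib
import os
import struct

TARGET = "gdiplus.dll"
# VS_FIXEDFILEINFO.dwSignature as stored (little-endian) in a PE version resource.
FFI_SIG = struct.pack("<I", 0xFEEF04BD)


def file_version(data):
    """Return 'a.b.c.d' from the first VS_FIXEDFILEINFO found, else None."""
    pos = data.find(FFI_SIG)
    if pos < 0 or pos + 16 > len(data):
        return None
    # Fields: dwSignature, dwStrucVersion, dwFileVersionMS, dwFileVersionLS
    _sig, _struc, ms, ls = struct.unpack_from("<4I", data, pos)
    return "%d.%d.%d.%d" % (ms >> 16, ms & 0xFFFF, ls >> 16, ls & 0xFFFF)


def find_copies(root, os_dir):
    """List every gdiplus.dll under root; scope is 'os' when inside os_dir."""
    os_prefix = os.path.normcase(os.path.abspath(os_dir)) + os.sep
    found = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() != TARGET:
                continue
            path = os.path.abspath(os.path.join(dirpath, name))
            try:
                with open(path, "rb") as fh:
                    data = fh.read()
                version = file_version(data)
                digest = hashlib.sha256(data).hexdigest()
            except OSError:
                version = digest = None  # locked or unreadable: still list it
            in_os = os.path.normcase(path).startswith(os_prefix)
            found.append({"path": path, "version": version, "sha256": digest,
                          "scope": "os" if in_os else "application"})
    return sorted(found, key=lambda c: c["path"])


if __name__ == "__main__":
    windir = os.environ.get("SystemRoot", r"C:\Windows")
    drive_root = os.path.splitdrive(windir)[0] + os.sep
    for copy in find_copies(drive_root, windir):
        print(copy["scope"], copy["version"], copy["sha256"], copy["path"])
```

Compare the reported versions with the fixed file versions listed in MS04-028; copies marked `application` are the ones the operating system patch does not replace.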
Impact
A remote, unauthenticated attacker could potentially execute arbitrary code on a vulnerable system by introducing a specially crafted JPEG file. This malicious JPEG image may be introduced to the system via a malicious web page, HTML email, or an email attachment.
Solution
Apply Patch
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Apple Computer Inc. | Affected | 14 Sep 2004 | 28 Apr 2005 |
| Microsoft Corporation | Affected | - | 14 Sep 2004 |
| Chiaro Networks | Not Affected | 14 Sep 2004 | 16 Sep 2004 |
| Clavister | Not Affected | 14 Sep 2004 | 17 Sep 2004 |
| Extreme Networks | Not Affected | 14 Sep 2004 | 16 Sep 2004 |
| Finjan Software | Not Affected | 14 Sep 2004 | 29 Sep 2004 |
| Foundry Networks Inc. | Not Affected | 14 Sep 2004 | 16 Sep 2004 |
| Intoto | Not Affected | 14 Sep 2004 | 16 Sep 2004 |
| Macromedia Inc. | Not Affected | 15 Sep 2004 | 30 Sep 2004 |
| Network Appliance | Not Affected | 14 Sep 2004 | 17 Dec 2004 |
| Opera Software | Not Affected | 14 Sep 2004 | 16 Sep 2004 |
| WatchGuard | Not Affected | 14 Sep 2004 | 16 Sep 2004 |
| 3Com | Unknown | 14 Sep 2004 | 16 Sep 2004 |
| Adobe Systems Incorporated | Unknown | 14 Sep 2004 | 16 Sep 2004 |
| Aladdin Knowledge Systems | Unknown | 14 Sep 2004 | 16 Sep 2004 |
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
- http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx
- http://support.microsoft.com/default.aspx?scid=kb;EN-US;873374
- http://msdn.microsoft.com/library/en-us/gdicpp/GDIPlus/GDIPlus.asp
- http://secunia.com/advisories/12528/
Credit
This vulnerability was reported by Microsoft. In turn, Microsoft credits Nick DeBaggis for discovering this vulnerability.
This document was written by Damon Morda and Jason A. Rafail, and is based on information provided by Microsoft.
Other Information
- CVE IDs: CAN-2004-0200
- Date Public: 14 Sep 2004
- Date First Published: 14 Sep 2004
- Date Last Updated: 17 Dec 2004
- Severity Metric: 33.75
- Document Revision: 25