Vulnerability Note VU#685364

Microsoft Internet Explorer contains a double-free vulnerability in the processing of GIF files

Original Release date: 30 Jul 2004 | Last revised: 03 Aug 2004


A double-free vulnerability in Microsoft's Internet Explorer (IE) web browser could allow a remote attacker to cause a denial-of-service condition or execute arbitrary code on a vulnerable system.


Microsoft Internet Explorer (IE) is a web browser. A double-free vulnerability has been discovered in the way that Internet Explorer processes GIF image files. When processing GIF image files, the routine responsible for freeing memory may attempt to free the same memory reference more than once. Deallocating the already freed memory can lead to memory corruption, which could cause a denial-of-service condition or potentially be leveraged by an attacker to execute arbitrary code.
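An added illustration of the pattern described above (constructed for this note; not Microsoft's code and not a reconstruction of the Internet Explorer flaw): a hypothetical GIF header loader whose error path and caller both release the same buffer, with every release routed through a helper that clears the owning pointer so the second call is counted instead of reaching free() again. The names gif_ctx, ctx_release, gif_load and load_and_cleanup and the sample bytes are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical decoder state (illustrative, not from any real product). */
typedef struct {
    uint8_t *color_table;  /* owned by the context */
    int      suppressed;   /* release calls that found the buffer already freed */
} gif_ctx;

/* Free via the owning pointer and clear it, so a repeat call is a no-op. */
static void ctx_release(gif_ctx *c) {
    if (c->color_table == NULL) { c->suppressed++; return; }
    free(c->color_table);
    c->color_table = NULL;
}

/* Parse signature, logical screen descriptor and global color table. */
static int gif_load(gif_ctx *c, const uint8_t *buf, size_t len) {
    memset(c, 0, sizeof *c);
    if (len < 13 || (memcmp(buf, "GIF87a", 6) && memcmp(buf, "GIF89a", 6)))
        return -1;
    if (buf[10] & 0x80) {                       /* global color table present */
        size_t n = (size_t)3 << ((buf[10] & 7) + 1);
        if ((c->color_table = malloc(n)) == NULL) return -1;
        if (len - 13 < n) { ctx_release(c); return -1; }  /* error path frees */
        memcpy(c->color_table, buf + 13, n);
    }
    return 0;
}

/* Caller cleans up unconditionally; after a failed load this is the repeat release. */
static int load_and_cleanup(const uint8_t *buf, size_t len, int *suppressed) {
    gif_ctx c;
    int rc = gif_load(&c, buf, len);
    ctx_release(&c);
    *suppressed = c.suppressed;
    return rc;
}

/* Constructed samples: both declare a 2-entry table; TRUNC carries half of it. */
static const uint8_t GOOD[]  = "GIF89a\1\0\1\0\x80\0\0\1\2\3\4\5\6";
static const uint8_t TRUNC[] = "GIF89a\1\0\1\0\x80\0\0\1\2\3";
int main(void) {
    int s, ok = load_and_cleanup(GOOD, sizeof GOOD - 1, &s);
    int bad = load_and_cleanup(TRUNC, sizeof TRUNC - 1, &s);
    printf("good rc=%d, truncated rc=%d suppressed=%d\n", ok, bad, s);
    return 0;
}
```

On the truncated sample the load fails and the caller's cleanup is skipped once; with a bare free() in both places the same address would be deallocated twice.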


A remote attacker may be able to cause a denial of service or potentially execute arbitrary code on a vulnerable system by introducing a specially crafted GIF file. This malicious GIF image may be introduced to the system via a malicious web page, HTML email, or an email attachment.


Apply Patch

Apply a patch as described in Microsoft Security Bulletin MS04-025.

Systems Affected

Vendor                   Status     Date Notified   Date Updated
Microsoft Corporation    Affected   -               30 Jul 2004

CVSS Metrics

Group           Score   Vector
Base            N/A     N/A
Temporal        N/A     N/A
Environmental   N/A     N/A



This vulnerability was reported by Marc Ruef.

This document was written by Damon Morda.

Other Information

  • CVE IDs: CAN-2003-1048
  • Date Public: 02 Sep 2003
  • Date First Published: 30 Jul 2004
  • Date Last Updated: 03 Aug 2004
  • Severity Metric: 25.31
  • Document Revision: 15

