New Search

GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2003)

oval:org.mitre.oval:def:1721

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component GDIPlus.dll allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows NT
  • Microsoft Windows 2000
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2004-0200
Product(s):
  • Microsoft Visual Studio .NET 2003