Definition

GDI+ JPEG Parsing Engine Buffer Overflow (Project 2003)

oval:org.mitre.oval:def:3810

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component GDIPlus.dll allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.

Family:

windows

Status:

ACCEPTED

Platform(s):

Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP

Class:

vulnerability

Reference(s):

CVE-2004-0200

Product(s):

Microsoft Project Professional 2003