Definition

GDI+ JPEG Parsing Engine Buffer Overflow (IE6)

oval:org.mitre.oval:def:4216

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component GDIPlus.dll allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.

Family:

windows

Status:

ACCEPTED

Platform(s):

Microsoft Windows 2000

Class:

vulnerability

Reference(s):

CVE-2004-0200

Product(s):

Microsoft Internet Explorer