GDI+ Vulnerability in Microsoft Products Allows Remote Code Execution
CVE-2007-5348

Currently unrated

Key Information:

Vendor

Microsoft
Status
Forefront Client Security
Office System
Server
Digital Image Suite
Vendor
CVE Published:
11 September 2008

What is CVE-2007-5348?

The GDI+ vulnerability in various Microsoft products allows attackers to execute arbitrary code remotely. By exploiting a crafted image file with specially sized gradients, an attacker can trigger a heap-based buffer overflow impacted by GdiPlus.dll and VGX.DLL. This flaw is critical as it could lead to unauthorized actions on a victim’s system, risking data integrity and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/32154
third-party-advisoryx_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=122235754013992&w=2
vendor-advisoryx_refsource_HP
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

80% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.