GDI+ Buffer Overflow in Microsoft Internet Explorer and Other Products
CVE-2008-3014

Currently unrated

Key Information:

Vendor: Microsoft
Status: Forefront Client Security; Server; Digital Image Suite; Internet Explorer
Vendor: CVE Published:; 11 September 2008

Summary

The GDI+ component in Microsoft products contains a vulnerability that may allow remote attackers to execute arbitrary code. This exploitation occurs through a specially crafted WMF image file, leading to improper memory allocation. Affected products include various versions of Internet Explorer, Windows operating systems, and Microsoft Office applications. Users should ensure they apply necessary patches to mitigate potential risks associated with this vulnerability.

References

http://secunia.com/advisories/32154

third-party-advisoryx_refsource_SECUNIA

http://marc.info/?l=bugtraq&m=122235754013992&w=2

vendor-advisoryx_refsource_HP

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

71% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 11, 2008
Vulnerability Reserved
Jul 7, 2008