Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution [MS04-028]

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution [MS04-028]
From: "Jérôme" ATHIAS <jerome.athias@xxxxxxxxxxxx>
Date: 14 Sep 2004 19:02:29 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm


A buffer overrun vulnerability exists in the processing of JPEG image formats 
that could allow remote code execution on an affected system. Any program that 
processes JPEG images on the affected systems could be vulnerable to this 
attack, and any system that uses the affected programs or components could be 
vulnerable to this attack. An attacker who successfully exploited this 
vulnerability could take complete control of an affected system.

CAN-2004-0200

http://www.microsoft.com/technet/security/Bulletin/MS04-028.mspx

Prev by Date: Rainbow tables for LM/NTLMv1 authentication
Next by Date: Microsoft Office WordPerfect Converter Buffer Overflow Vulnerability
Previous by thread: Rainbow tables for LM/NTLMv1 authentication
Next by thread: Microsoft Office WordPerfect Converter Buffer Overflow Vulnerability
Index(es):
- Date
- Thread