CVE Vulnerabilities

CVE-2004-0200

Published: Sep 28, 2004 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.

Affected Software

Name Vendor Start Version End Version
.net_framework Microsoft 1.0 1.0
Digital_image_pro Microsoft 7.0 7.0
Digital_image_pro Microsoft 9 9
Digital_image_suite Microsoft 9 9
Excel Microsoft 2002 2002
Excel Microsoft 2003 2003
Frontpage Microsoft 2002 2002
Frontpage Microsoft 2003 2003
Greetings Microsoft 2002 2002
Infopath Microsoft 2003 2003
Office Microsoft 2003 2003
Office Microsoft xp xp
Onenote Microsoft 2003 2003
Outlook Microsoft 2002 2002
Outlook Microsoft 2003 2003
Picture_it Microsoft 7.0 7.0
Picture_it Microsoft 9 9
Picture_it Microsoft 2002 2002
Powerpoint Microsoft 2002 2002
Powerpoint Microsoft 2003 2003
Producer Microsoft * *
Project Microsoft 2002 2002
Project Microsoft 2003 2003
Publisher Microsoft 2002 2002
Publisher Microsoft 2003 2003
Visio Microsoft 2002 2002
Visio Microsoft 2003 2003
Visual_basic Microsoft 2002 2002
Visual_basic Microsoft 2003 2003
Visual_c# Microsoft 2002 2002
Visual_c# Microsoft 2003 2003
Visual_c++ Microsoft 2002 2002
Visual_c++ Microsoft 2003 2003
Visual_j#_.net Microsoft 2003 2003
Visual_studio_.net Microsoft 2002 2002
Visual_studio_.net Microsoft 2003 2003
Word Microsoft 2002 2002
Word Microsoft 2003 2003

References