CVE Vulnerabilities

CVE-2004-0200

Published: Sep 28, 2004 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.

Affected Software

Name Vendor Start Version End Version
Frontpage Microsoft 2003 2003
Visual_j#_.net Microsoft 2003 2003
Visual_c++ Microsoft 2003 2003
Digital_image_pro Microsoft 9 9
Visual_studio_.net Microsoft 2003 2003
Project Microsoft 2002 2002
Visual_basic Microsoft 2003 2003
Visual_c++ Microsoft 2002 2002
Project Microsoft 2003 2003
Picture_it Microsoft 7.0 7.0
Powerpoint Microsoft 2002 2002
Office Microsoft xp xp
Outlook Microsoft 2003 2003
Digital_image_suite Microsoft 9 9
Powerpoint Microsoft 2003 2003
Infopath Microsoft 2003 2003
Publisher Microsoft 2002 2002
Visual_basic Microsoft 2002 2002
Frontpage Microsoft 2002 2002
Word Microsoft 2003 2003
Excel Microsoft 2002 2002
Picture_it Microsoft 2002 2002
Visio Microsoft 2002 2002
Picture_it Microsoft 9 9
Greetings Microsoft 2002 2002
Publisher Microsoft 2003 2003
Onenote Microsoft 2003 2003
Visual_c# Microsoft 2003 2003
Word Microsoft 2002 2002
Visual_c# Microsoft 2002 2002
Visio Microsoft 2003 2003
Excel Microsoft 2003 2003
Office Microsoft 2003 2003
Producer Microsoft * *
Outlook Microsoft 2002 2002
.net_framework Microsoft 1.0 1.0
Visual_studio_.net Microsoft 2002 2002
Digital_image_pro Microsoft 7.0 7.0

References