CVE Vulnerabilities

CVE-2007-3034

Published: Aug 14, 2007 | Modified: Feb 26, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Windows_xp Microsoft * *
Windows_2000 Microsoft * *
Windows_server_2003 Microsoft * *
Windows_xp Microsoft * *
Windows_2003_server Microsoft * *
Windows_2003_server Microsoft * *

References