exploits , vulnerabilities , articles , Microsoft GDI+ Malformed Office BMP File Integer Overflow Remote Code Execution Vulnerability

Title	Microsoft GDI+ Malformed Office BMP File Integer Overflow Remote Code Execution Vulnerability
Published	2009-10-13-12:00AM
Updated	2009-10-14-05:19PM
Class	Boundary Condition Error
CVE	CVE-2009-2518
Remote	Yes
Local	No
Credit	Carsten H. Eiram of Secunia
Vulnerable	Microsoft Office XP SP3 Microsoft Excel 2002 SP3 Microsoft Excel 2002 SP3 Microsoft FrontPage 2002 SP3 Microsoft FrontPage 2002 SP3 Microsoft Outlook 2002 SP3 Microsoft Outlook 2002 SP3 Microsoft PowerPoint 2002 SP3 Microsoft PowerPoint 2002 SP3 Microsoft Publisher 2002 SP3 Microsoft Publisher 2002 SP3 Microsoft Office XP SP2 Microsoft Windows 2000 Professional SP3 Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional Microsoft Windows 98 Microsoft Windows 98SE Microsoft Windows ME Microsoft Windows NT Workstation 4.0 SP6a Microsoft Windows NT Workstation 4.0 SP6 Microsoft Windows NT Workstation 4.0 SP5 Microsoft Windows NT Workstation 4.0 SP4 Microsoft Windows NT Workstation 4.0 SP3 Microsoft Windows NT Workstation 4.0 SP2 Microsoft Windows NT Workstation 4.0 SP1 Microsoft Windows NT Workstation 4.0 Microsoft Windows XP Home SP1 Microsoft Windows XP Home Microsoft Windows XP Professional SP1 Microsoft Windows XP Professional Microsoft Office XP SP1 Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional Microsoft Windows 98 Microsoft Windows ME Microsoft Windows NT Workstation 4.0 SP6a Microsoft Windows NT Workstation 4.0 SP6 Microsoft Windows NT Workstation 4.0 SP5 Microsoft Windows NT Workstation 4.0 SP4 Microsoft Windows NT Workstation 4.0 SP3 Microsoft Windows NT Workstation 4.0 SP2 Microsoft Windows NT Workstation 4.0 SP1 Microsoft Windows NT Workstation 4.0 Microsoft Windows XP Home Microsoft Windows XP Professional Microsoft Office XP Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional Microsoft Windows 98 Microsoft Windows ME Microsoft Windows NT Workstation 4.0 SP6a Microsoft Windows NT Workstation 4.0 SP6 Microsoft Windows NT Workstation 4.0 SP5 Microsoft Windows NT Workstation 4.0 SP4 Microsoft Windows NT Workstation 4.0 SP3 Microsoft Windows NT Workstation 4.0 SP2 Microsoft Windows NT Workstation 4.0 SP1 Microsoft Windows NT Workstation 4.0 Microsoft Windows XP Home Microsoft Windows XP Professional
Not Vulnerable
Code	Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: content@securitydot.net.
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-11-26 ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
• 2009-11-26 America Online ICQ ActiveX Control Remote Code Execution Vulnerability
• 2009-11-26 Novell eDirectory iMonitor HTTPSTK Buffer Overflow Vulnerability
• 2009-11-25 Mozilla Firefox and SeaMonkey Download Filename Spoofing Vulnerability
• 2009-11-25 XM Easy Personal FTP Server File/Folder Remote Denial of Service Vulnerability
• 2009-11-25 Subscribe to Comments Prior to 2.1 Multiple Unspecified Cross Site Scripting Vulnerabilities
• 2009-11-25 Mozilla Firefox CVE-2009-3383 Multiple Remote Memory Corruption Vulnerabilities
• 2009-11-24 Subscribe to Comments WordPress Plugin Multiple Unspecified Input Validation Vulnerabilities
• 2009-11-24 RETIRED: Microsoft November 2009 Advance Notification Multiple Vulnerabilities
• 2009-11-24 Cacti Multiple HTML Injection Vulnerabilities

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Mon, 30 Nov 2009 00:59:15 +0000