Lucene search
MitreCVELIST:CVE-2009-1217HistoryApr 01, 2009 - 5:00 p.m.
CVE-2009-1217
2009-04-0117:00:00
mitre
www.cve.org
Off-by-one error in the GpFont::SetData function in gdiplus.dll in Microsoft GDI+ on Windows XP allows remote attackers to cause a denial of service (stack corruption and application termination) via a crafted EMF file that triggers an integer overflow, as demonstrated by voltage-exploit.emf, aka the “Microsoft GdiPlus EMF GpFont.SetData integer overflow.”
References
bl4cksecurity.blogspot.com/2009/03/microsoft-gdiplus-emf-gpfontsetdata.html
blogs.technet.com/srd/archive/2009/03/26/new-emf-gdiplus-dll-crash-not-exploitable-for-code-execution.aspx
www.securityfocus.com/bid/34250
www.vupen.com/english/advisories/2009/0832
exchange.xforce.ibmcloud.com/vulnerabilities/49438
Related
cve
cve
CVE-2009-1217
2009-04-01 18:00:00
checkpoint_advisories
checkpoint_advisories
prion
prion
Integer overflow
2009-04-01 18:00:00
openvas
openvas
Microsoft GDIPlus Library File Integer Overflow Vulnerability
2009-04-07 00:00:00
Microsoft GDIPlus Library File Integer Overflow Vulnerability
2009-04-07 00:00:00
nvd
nvd
CVE-2009-1217
2009-04-01 18:00:00
seebug
seebug
Microsoft Windows GDI+库GPFont::SetData()函数单字节溢出漏洞
2009-04-04 00:00:00