Remote Code Execution Vulnerability in GDIID: oval:org.mitre.oval:def:2088 | Date: (C)2007-08-15 (M)2022-03-21 |
Class: VULNERABILITY | Family: windows |
Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |