cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_server_2003::sp2 cpe:/o:microsoft:windows_server_2003::sp2:itanium cpe:/o:microsoft:windows_server_2003::sp2:x64 cpe:/o:microsoft:windows_xp::sp2 cpe:/o:microsoft:windows_xp::sp3 cpe:/o:microsoft:windows_xp:-:sp2:x64 CVE-2010-0028 2010-02-10T13:30:01.097-05:00 2017-09-18T21:30:10.767-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2010-02-11T13:45:00.000-05:00 ALLOWS_ADMIN_ACCESS SECUNIA 36634 IAVM IAVM:2010-B-0014 MS MS10-005 CERT TA10-040A Integer overflow in Microsoft Paint in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted JPEG (.JPG) file, aka "MS Paint Integer Overflow Vulnerability."