CVE-2008-1083

HIGHCVSS 8.1

8.1

Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed header that triggers an integer overflow, aka "GDI Heap Overflow Vulnerability."

🔗 References (40)

secure@microsofthttp://archives.neohapsis.com/archives/fulldisclosure/2008-04/0168.html
secure@microsofthttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=681
secure@microsofthttp://marc.info/?l=bugtraq&m=120845064910729&w=2
secure@microsofthttp://secunia.com/advisories/29704
secure@microsofthttp://support.microsoft.com/kb/948590
secure@microsofthttp://www.kb.cert.org/vuls/id/632963
secure@microsofthttp://www.osvdb.org/44213
secure@microsofthttp://www.osvdb.org/44214
secure@microsofthttp://www.securityfocus.com/archive/1/490584/100/0/threaded
secure@microsofthttp://www.securityfocus.com/bid/28571
secure@microsofthttp://www.securityfocus.com/bid/30933
secure@microsofthttp://www.securitytracker.com/id?1019798
secure@microsofthttp://www.us-cert.gov/cas/techalerts/TA08-099A.html
secure@microsofthttp://www.vupen.com/english/advisories/2008/1145/references
secure@microsofthttp://www.zerodayinitiative.com/advisories/ZDI-08-020/

Is Your Infrastructure Affected by CVE-2008-1083?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-1083

📅 Published

🔄 Last Modified

🔗 References (40)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-1083?