Oval Definition:	oval:org.mitre.oval:def:1105
Revision Date: 2006-01-04 Version: 42 Title: GDI+ JPEG Parsing Engine Buffer Overflow (Server 2003) Description: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-0200 Platform(s): Microsoft Windows Server 2003 Microsoft Windows XP Product(s): GDI+ Definition Synopsis 64-bit XP or Server 2003 is installed 64-bit XP is installed Windows XP is installed AND 64-Bit (x64 architecture) version of Windows is installed OR Windows Server 2003 is installed AND the version of sxs.dll is less than 5.2.3790.121
BACK