Oval Definition:	oval:org.mitre.oval:def:15628
Revision Date: 2014-06-30 Version: 14 Title: GDI+ Heap Overflow Vulnerability Description: Heap-based buffer overflow in the Office GDI+ library in Microsoft Office 2003 SP3 and 2007 SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted EMF image in an Office document, aka "GDI+ Heap Overflow Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2012-0167 Platform(s): Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft Office 2003 Microsoft Office 2007 Definition Synopsis Microsoft Office 2003 (KB2598253) Microsoft Office 2003 SP3 is installed AND GDIPlus.dll version is less than 11.0.8345.0 OR Microsoft Office 2007 (KB2596672/KB2596792) Microsoft Office 2007 SP2 is installed AND KB2596672/KB2596792 the version of Mspcore.dll is less than 12.0.6658.5001 OR the version of Ogl.dll is less than 12.0.6659.5000
BACK