Oval Definition:oval:org.mitre.oval:def:2056
Revision Date:2011-05-09Version:46
Title:GDI Local Elevation of Privilege Vulnerability
Description:The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a denial of service (memory corruption and crash) and gain privileges by modifying the kernel structures.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-5758
Platform(s):Microsoft Windows 2000
Microsoft Windows XP
Product(s):
Definition Synopsis
  • Windows 2000 SP4
  • Microsoft Windows 2000 SP4 or later is installed
  • AND gdi32.dll version is less than 5.0.2195.7133
  • OR Windows XP SP2
  • Microsoft Windows XP SP2 or later is installed
  • AND Gdi32.dll version is less than 5.1.2600.3099
  • BACK