Oval Definition:oval:org.mitre.oval:def:322
Revision Date:2014-02-24Version:43
Title:IE v5.5,SP2 Bitmap Integer Overflow Vulnerability
Description:Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-0566
Platform(s):Microsoft Windows 2000
Microsoft Windows ME
Microsoft Windows NT
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • Internet Explorer 5.5 Service Pack 2 is installed
  • AND the version of mshtml.dll is less than 5.50.4943.400
  • AND NOT the patch kb832894 is installed (Installed Components key)
    • BACK