Vulnerability CVE-2008-2249 - CERT Civis.Net

Vulnerability Name:

CVE-2008-2249 (CCN-46842)

Assigned:

2008-12-09

Published:

2008-12-09

Updated:

2019-02-26

Summary:

Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a malformed header in a crafted WMF file, which triggers a buffer overflow, aka "GDI Integer Overflow Vulnerability."

CVSS v3 Severity:

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2008-2249

Source: CCN
Type: HP Security Bulletin HPSBST02394 SSRT080183 rev.1
Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-070 to MS08-077

Source: IDEFENSE
Type: UNKNOWN
20081209 Microsoft Windows Graphics Device Interface Integer Overflow Vulnerability

Source: CCN
Type: SECTRACK ID: 1021365
Microsoft GDI Buffer Overflows in Processing WMF Files Lets Remote Users Execute Arbitrary Code

Source: CCN
Type: ASA-2008-474
MS08-071 Vulnerabilities in GDI Could Allow Remote Code Execution (956802)

Source: CCN
Type: NORTEL BULLETIN ID: 2008009236, Rev 1
Nortel Response to Microsoft Security Bulletin MS08-071

Source: CCN
Type: IBM Internet Security Systems Protection Alert December 9, 2008
Microsoft Windows GDI WMF image file integer overflow

Source: CCN
Type: Microsoft Security Bulletin MS08-071
Vulnerabilities in GDI Could Allow Remote Code Execution (956802)

Source: CCN
Type: BID-32634
Microsoft Windows GDI WMF Integer Overflow Vulnerability

Source: SECTRACK
Type: UNKNOWN
1021365

Source: CERT
Type: US Government Resource
TA08-344A

Source: VUPEN
Type: UNKNOWN
ADV-2008-3383

Source: MS
Type: UNKNOWN
MS08-071

Source: XF
Type: UNKNOWN
win-gdi-wmf-overflow(46842)

Source: CCN
Type: iDefense PUBLIC ADVISORY: 12.09.08 PUBLIC ADVISORY: 12.09.08 PUBLIC ADVISORY: 12.09.08
Microsoft Windows Graphics Device Interface Integer Overflow Vulnerability

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:5984

Vulnerable Configuration:

Configuration 1:

cpe:/o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:gold:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:*:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*

OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2003:*:x64:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*

Configuration CCN 1:

cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:2003_server::x64:*:*:*:*:*

OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:2003_server:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:*:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:5984	V	GDI Integer Overflow Vulnerability	2011-11-21