Vulnerability Name: CVE-2008-3013 (CCN-44713) Assigned: 2008-09-09 Published: 2008-09-09 Updated: 2021-07-23 Summary: gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability." CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C )6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C )6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-399 Vulnerability Consequences: Gain Access References: Source: MITRE Type: CNACVE-2008-3013 Source: CCN Type: Ivan Fratric's Security Blog, Wednesday, September 10, 2008Windows GDI+ GIF memory corruption Source: MISC Type: UNKNOWNhttp://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html Source: HP Type: UNKNOWNHPSBST02372 Source: CCN Type: SA32154WinZip GDI+ Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory32154 Source: CCN Type: SECTRACK ID: 1020836Microsoft GDI+ Bug in Processing GIF Image Files Lets Remote Users Execute Arbitrary Code Source: CCN Type: ASA-2008-377MS08-052 Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593) Source: CCN Type: NORTEL BULLETIN ID: 2008009060, Rev 1Nortel Response to Microsoft Security Bulletin MS08-052 Source: CCN Type: Microsoft Security Bulletin MS11-096Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241) Source: CCN Type: Microsoft Security Bulletin MS12-028Vulnerability in Microsoft Office Could Allow for Remote Code Execution (2639185) Source: CCN Type: Microsoft Security Bulletin MS12-029Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352) Source: CCN Type: Microsoft Security Bulletin MS12-034Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578) Source: CCN Type: Microsoft Security Bulletin MS12-057Vulnerability in Microsoft Office Could Allow for Remote Code Execution (2731879) Source: CCN Type: Microsoft Security Bulletin MS12-064Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319) Source: CCN Type: Microsoft Security Bulletin MS12-065Vulnerability in Microsoft Works Could Allow Remote Code Execution (KB2754670) Source: CCN Type: Microsoft Security Bulletin MS12-070Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849) Source: CCN Type: Microsoft Security Bulletin MS12-079Vulnerability in Microsoft Word Could Allow Remote Code Execution (2780642) Source: CCN Type: Microsoft Security Bulletin MS13-022Vulnerability in Silverlight Could Allow Remote Code Execution (2814124) Source: CCN Type: Microsoft Security Bulletin MS13-043Vulnerability in Microsoft Word Could Allow Remote Code Execution (2830399) Source: CCN Type: Microsoft Security Bulletin MS13-054Vulnerability in Windows Components Could Allow Remote Code Execution (2848295) Source: CCN Type: Microsoft Security Bulletin MS13-072Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537) Source: CCN Type: Microsoft Security Bulletin MS13-085Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2885080) Source: CCN Type: Microsoft Security Bulletin MS13-086Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2885084) Source: CCN Type: Microsoft Security Bulletin MS14-001Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605) Source: CCN Type: Microsoft Security Bulletin MS14-017Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2949660) Source: CCN Type: Microsoft Security Bulletin MS14-034Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261) Source: CCN Type: Microsoft Security Bulletin MS14-038Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689) Source: CCN Type: Microsoft Security Bulletin MS14-044Vulnerabilities in SQL Server Could Allow Elevation of Privilege (2984340) Source: CCN Type: Microsoft Security Bulletin MS14-061Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434) Source: CCN Type: Microsoft Security Bulletin MS14-069Vulnerability in Microsoft Office Could Allow Remote Code Execution (3009710) Source: CCN Type: Microsoft Security Bulletin MS14-081Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3017301) Source: CCN Type: Microsoft Security Bulletin MS14-083Vulnerabilities in MicrosoftExcel Could Allow Remote Code Execution (3017347) Source: CCN Type: Microsoft Security Bulletin MS15-081Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3080790) Source: CCN Type: Microsoft Security Bulletin MS15-099Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664) Source: CCN Type: Microsoft Security Bulletin MS15-110Security Updates for Microsoft Office (3096440) Source: CCN Type: Microsoft Security Bulletin MS15-116Security Updates for Microsoft Office to Address Remote Code Execution (3104540) Source: CCN Type: Microsoft Security Bulletin MS15-131Security Update for Microsoft Office to Address Remote Code Execution (3116111) Source: CCN Type: Microsoft Security Bulletin MS16-004Security Update for Microsoft Office to Address Remote Code Execution - Critical (3124585) Source: CCN Type: Microsoft Security Bulletin MS16-015Security Update for Microsoft Office to Address Remote Code Execution (3134226) Source: CCN Type: Microsoft Security Bulletin MS16-029Security Update for Microsoft Office to Address Remote Code Execution (3141806) Source: CCN Type: Microsoft Security Bulletin MS16-042Security Update for Microsoft Office (3148775) Source: CCN Type: Microsoft Security Bulletin MS16-054Security Update for Microsoft Office (3155544) Source: CCN Type: Microsoft Security Bulletin MS16-070Security Update for Office (3163610) Source: CCN Type: Microsoft Security Bulletin MS16-088Security Updates for Office (3170008) Source: CCN Type: Microsoft Security Bulletin MS16-099Security Update for Office (3177451) Source: CCN Type: Microsoft Security Bulletin MS16-107Security Update for Microsoft Office (3185852) Source: CCN Type: Microsoft Security Bulletin MS16-121Security Update for Microsoft Office (3194063) Source: CCN Type: Microsoft Security Bulletin MS16-133Security Update for Microsoft Office (3199168) Source: CCN Type: Microsoft Security Bulletin MS16-148Security Update for Microsoft Office (3204068) Source: CCN Type: Microsoft Security Bulletin MS17-002Security Update for Microsoft Office (3214291) Source: CCN Type: Microsoft Security Bulletin MS17-013Security Update for Microsoft Graphics Component (4013075) Source: CCN Type: Microsoft Security Bulletin MS17-014Security Update for Microsoft Office (4013241) Source: CCN Type: Microsoft Security Bulletin MS08-052Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593) Source: CCN Type: Microsoft Security Bulletin MS08-072Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173) Source: CCN Type: Microsoft Security Bulletin MS09-004Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420) Source: CCN Type: Microsoft Security Bulletin MS09-017Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (967340) Source: CCN Type: Microsoft Security Bulletin MS09-024Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (957632) Source: CCN Type: Microsoft Security Bulletin MS09-027Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (969514) Source: CCN Type: Microsoft Security Bulletin MS09-062Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488) Source: CCN Type: Microsoft Security Bulletin MS09-068Vulnerability in Microsoft Office Word Allows Remote Code Execution (976307) Source: CCN Type: Microsoft Security Bulletin MS09-073Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539) Source: CCN Type: Microsoft Security Bulletin MS10-003Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214) Source: CCN Type: Microsoft Security Bulletin MS10-004Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416) Source: CCN Type: Microsoft Security Bulletin MS10-028Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094) Source: CCN Type: Microsoft Security Bulletin MS10-036Vulnerabilities in COM validation in Microsoft Office Could Allow Remote Code Execution (983235 Source: CCN Type: Microsoft Security Bulletin MS10-056Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (2269638) Source: CCN Type: Microsoft Security Bulletin MS10-057Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (2269707) Source: CCN Type: Microsoft Security Bulletin MS10-079Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194) Source: CCN Type: Microsoft Security Bulletin MS10-087Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930) Source: CCN Type: Microsoft Security Bulletin MS10-105Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095) Source: CCN Type: Microsoft Security Bulletin MS11-008Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879) Source: CCN Type: Microsoft Security Bulletin MS11-021Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279) Source: CCN Type: Microsoft Security Bulletin MS11-023Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489293) Source: CCN Type: Microsoft Security Bulletin MS11-029Vulnerability in GDI+ Could Allow Remote Code Execution (2489979) Source: CCN Type: Microsoft Security Bulletin MS11-045Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146) Source: CCN Type: Microsoft Security Bulletin MS11-049Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893) Source: CCN Type: Microsoft Security Bulletin MS11-060Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2560978) Source: CCN Type: Microsoft Security Bulletin MS11-072Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2587505) Source: BUGTRAQ Type: UNKNOWN20080909 ZDI-08-056: Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability Source: BID Type: UNKNOWN31020 Source: CCN Type: BID-31020Microsoft GDI+ GIF File Parsing Remote Code Execution Vulnerability Source: SECTRACK Type: UNKNOWN1020836 Source: CERT Type: US Government ResourceTA08-253A Source: VUPEN Type: Vendor AdvisoryADV-2008-2520 Source: VUPEN Type: Vendor AdvisoryADV-2008-2696 Source: MISC Type: UNKNOWNhttp://www.zerodayinitiative.com/advisories/ZDI-08-056 Source: MISC Type: UNKNOWNhttp://www.zerodayinitiative.com/advisories/ZDI-08-056/ Source: MS Type: UNKNOWNMS08-052 Source: XF Type: UNKNOWNwin-gdi-gif-bo(44713) Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:5986 Source: CCN Type: ZDI-08-056Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability Vulnerable Configuration: Configuration 1 :cpe:/a:microsoft:office:xp:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:office:2003:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:gold:*:*:*:*:*:* OR cpe:/a:microsoft:office:2007:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:visio:2002:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:powerpoint_viewer:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:digital_image_suite:2006:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:report_viewer:2005:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:report_viewer:2008:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:office:2007:*:gold:*:*:*:*:* OR cpe:/a:microsoft:office:2003:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:works:8.0:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* OR cpe:/o:microsoft:windows:2003_server:*:x64:*:*:*:*:* OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:visio:2002:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:office:xp:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows:2003_server:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:* OR cpe:/a:microsoft:office:2003:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:works:8.0:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:* OR cpe:/a:microsoft:office_compatibility_pack:2007:*:*:*:*:*:*:* OR cpe:/a:microsoft:groove_server:2007:*:*:*:*:*:*:* OR cpe:/a:microsoft:office:2007:*:*:*:*:*:*:* OR cpe:/a:microsoft:expression_web:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:office:2003:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:x64:* OR cpe:/a:microsoft:sql_server:2005:sp2:*:*:*:*:x64:* OR cpe:/a:microsoft:sql_server:2005:sp2:*:*:*:*:itanium:* OR cpe:/a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:windows_messenger:5.1:*:*:*:*:*:*:* OR cpe:/a:microsoft:powerpoint_viewer:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:office:2007:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:report_viewer:2005:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:report_viewer:2008:*:*:*:*:*:*:* OR cpe:/a:microsoft:digital_image_suite:2006:*:*:*:*:*:*:* OR cpe:/a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:* OR cpe:/a:microsoft:expression_web:2:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:* Denotes that component is vulnerable Oval Definitions BACK
microsoft office xp sp3
microsoft office 2003 sp2
microsoft sql server reporting services 2000 sp2
microsoft sql server 2005 sp2
microsoft windows xp * sp3
microsoft windows vista * gold
microsoft office 2007 sp1
microsoft visio 2002 sp2
microsoft forefront client security 1.0
microsoft internet explorer 6 sp1
microsoft windows xp * sp2
microsoft powerpoint viewer 2003
microsoft digital image suite 2006
microsoft windows server 2008 -
microsoft report viewer 2005 sp1
microsoft report viewer 2008
microsoft windows vista * sp2
microsoft office 2007
microsoft office 2003 sp3
microsoft works 8.0
microsoft ie 6.0
microsoft windows 2000 * sp4
microsoft windows 2003_server
microsoft windows xp sp2
microsoft visio 2002 sp2
microsoft office xp sp3
microsoft windows 2003_server sp1
microsoft windows 2003_server sp1_itanium
microsoft office 2003 sp2
microsoft works 8.0
microsoft windows vista *
microsoft windows server_2003 sp2
microsoft windows server_2003 sp2
microsoft windows server_2003 sp2
microsoft windows vista *
microsoft windows xp sp2
microsoft office compatibility pack 2007
microsoft groove server 2007
microsoft office 2007
microsoft expression web *
microsoft office 2003 sp3
microsoft sql server 2005 sp2
microsoft windows vista * sp1
microsoft windows vista * sp1
microsoft sql server 2005 sp2
microsoft sql server 2005 sp2
microsoft office compatibility pack 2007 sp1
microsoft windows messenger 5.1
microsoft powerpoint viewer 2003
microsoft office 2007 sp1
microsoft sql server reporting services 2000 sp2
microsoft report viewer 2005 sp1
microsoft report viewer 2008
microsoft digital image suite 2006
microsoft forefront client security 1.0
microsoft expression web 2
microsoft windows server 2008
microsoft windows server 2008 -
microsoft windows server 2008 -
microsoft windows xp sp3