CVE-2008-3015 (GCVE-0-2008-3015)
Vulnerability from cvelistv5
Published
2008-09-10 15:00
Modified
2024-08-07 09:21
Severity ?
CWE
  • n/a
Summary
Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka "GDI+ BMP Integer Overflow Vulnerability."
References
secure@microsoft.com http://marc.info/?l=bugtraq&m=122235754013992&w=2
secure@microsoft.com http://marc.info/?l=bugtraq&m=122235754013992&w=2
secure@microsoft.com http://secunia.com/advisories/32154 Vendor Advisory
secure@microsoft.com http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt
secure@microsoft.com http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt
secure@microsoft.com http://www.securityfocus.com/archive/1/496153/100/0/threaded
secure@microsoft.com http://www.securityfocus.com/bid/31022
secure@microsoft.com http://www.securitytracker.com/id?1020838
secure@microsoft.com http://www.us-cert.gov/cas/techalerts/TA08-253A.html US Government Resource
secure@microsoft.com http://www.vupen.com/english/advisories/2008/2520 Vendor Advisory
secure@microsoft.com http://www.vupen.com/english/advisories/2008/2696 Vendor Advisory
secure@microsoft.com http://www.zerodayinitiative.com/advisories/ZDI-08-055
secure@microsoft.com https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052
secure@microsoft.com https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881
secure@microsoft.com https://www.exploit-db.com/exploits/6619
secure@microsoft.com https://www.exploit-db.com/exploits/6716
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=122235754013992&w=2
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=122235754013992&w=2
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/32154 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt
af854a3a-2127-422b-91ae-364da2661108 http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/496153/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/31022
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id?1020838
af854a3a-2127-422b-91ae-364da2661108 http://www.us-cert.gov/cas/techalerts/TA08-253A.html US Government Resource
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2008/2520 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2008/2696 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.zerodayinitiative.com/advisories/ZDI-08-055
af854a3a-2127-422b-91ae-364da2661108 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052
af854a3a-2127-422b-91ae-364da2661108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881
af854a3a-2127-422b-91ae-364da2661108 https://www.exploit-db.com/exploits/6619
af854a3a-2127-422b-91ae-364da2661108 https://www.exploit-db.com/exploits/6716
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:21:34.937Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "32154",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32154"
          },
          {
            "name": "1020838",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020838"
          },
          {
            "name": "HPSBST02372",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "MS08-052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
          },
          {
            "name": "20080909 ZDI-08-055: Microsoft Windows GDI+ BMP Parsing Code Execution Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/496153/100/0/threaded"
          },
          {
            "name": "ADV-2008-2696",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2696"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt"
          },
          {
            "name": "6716",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/6716"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-055"
          },
          {
            "name": "SSRT080133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "31022",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31022"
          },
          {
            "name": "oval:org.mitre.oval:def:5881",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt"
          },
          {
            "name": "6619",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/6619"
          },
          {
            "name": "TA08-253A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
          },
          {
            "name": "ADV-2008-2520",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2520"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka \"GDI+ BMP Integer Overflow Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "32154",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32154"
        },
        {
          "name": "1020838",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020838"
        },
        {
          "name": "HPSBST02372",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "MS08-052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
        },
        {
          "name": "20080909 ZDI-08-055: Microsoft Windows GDI+ BMP Parsing Code Execution Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/496153/100/0/threaded"
        },
        {
          "name": "ADV-2008-2696",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2696"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt"
        },
        {
          "name": "6716",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/6716"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-055"
        },
        {
          "name": "SSRT080133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "31022",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31022"
        },
        {
          "name": "oval:org.mitre.oval:def:5881",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt"
        },
        {
          "name": "6619",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/6619"
        },
        {
          "name": "TA08-253A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
        },
        {
          "name": "ADV-2008-2520",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2520"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2008-3015",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka \"GDI+ BMP Integer Overflow Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "32154",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32154"
            },
            {
              "name": "1020838",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020838"
            },
            {
              "name": "HPSBST02372",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "MS08-052",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052"
            },
            {
              "name": "20080909 ZDI-08-055: Microsoft Windows GDI+ BMP Parsing Code Execution Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/496153/100/0/threaded"
            },
            {
              "name": "ADV-2008-2696",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2696"
            },
            {
              "name": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt",
              "refsource": "MISC",
              "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt"
            },
            {
              "name": "6716",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/6716"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-055",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-055"
            },
            {
              "name": "SSRT080133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "31022",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31022"
            },
            {
              "name": "oval:org.mitre.oval:def:5881",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881"
            },
            {
              "name": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt",
              "refsource": "MISC",
              "url": "http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt"
            },
            {
              "name": "6619",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/6619"
            },
            {
              "name": "TA08-253A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
            },
            {
              "name": "ADV-2008-2520",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2520"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2008-3015",
    "datePublished": "2008-09-10T15:00:00",
    "dateReserved": "2008-07-07T00:00:00",
    "dateUpdated": "2024-08-07T09:21:34.937Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-3015\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2008-09-11T01:11:47.147\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka \\\"GDI+ BMP Integer Overflow Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento de enteros en la biblioteca gdiplus.dll en GDI+ en Office XP SP3, Office 2003 SP2 y SP3, 2007, de Microsoft; Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2 , SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008, y Forefront Client Security versi\u00f3n 1.0, de Microsoft, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo de imagen BMP con una BitMapInfoHeader malformada que desencadena un desbordamiento de b\u00fafer, tambi\u00e9n se conoce como \\\"GDI+ BMP Integer Overflow Vulnerability.\\\"\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:digital_image_suite:2006:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24F42695-7FB7-4C43-A9A7-8A234B6E5937\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"578221F3-4C20-4A3F-A286-5A4680E8785D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"07D3F3E4-93FB-481A-94D9-075E726697C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2007:*:gold:*:*:*:*:*\",\"matchCriteriaId\":\"E438882E-1AAE-477E-B885-D4E95D2AE88A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"79BA1175-7F02-4435-AEA6-1BA8AADEB7EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_powerpoint_viewer:2003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5440EF5-462B-4BAC-AF60-44C5D649D0D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:report_viewer:2005:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"033138E1-82C7-443C-89C1-23D8032674CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:report_viewer:2008:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30E84216-227B-4074-B65B-6AA399D4A8DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"26423C70-4475-4D7E-8CC0-D8CFADE16B26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"377777D4-0649-4732-9E38-E4074056C561\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:works:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"293914AF-6101-4F50-9560-A4EA99D767C4\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/32154\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/496153/100/0/threaded\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/bid/31022\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securitytracker.com/id?1020838\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-253A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2520\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2696\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-08-055\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://www.exploit-db.com/exploits/6619\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://www.exploit-db.com/exploits/6716\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/32154\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability_ver2.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/496153/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/31022\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1020838\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-253A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2520\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2696\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-08-055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5881\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/6619\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/6716\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.