Published: 14/08/2007 Updated: 26/02/2019

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote malicious users to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 2003 server
microsoft windows xp
microsoft windows server 2003
microsoft windows 2000

/* * MS07-046(GDI32dll Integer overflow DOS) Proof Of Concept Code * by Hong Gil-Dong & Chun Woo-Chi * Yang yeon(?~1542), Korea * "I shall keep clenching my left fist unitl i see the real tao" * This POC is only for test If an application read a malformed wmf * file like this POC, the application will be crashed If you apply * ...

CWE-189 http://www.us-cert.gov/cas/techalerts/TA07-226A.html http://www.kb.cert.org/vuls/id/640136 http://www.securityfocus.com/bid/25302 http://www.securitytracker.com/id?1018563 http://secunia.com/advisories/26423 http://www.vupen.com/english/advisories/2007/2870 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2088 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-046 http://www.securityfocus.com/archive/1/476505/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/4337/https://www.kb.cert.org/vuls/id/640136

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-3034

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect