Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote malicious users to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows 2003 server |
||
microsoft windows xp |
||
microsoft windows server 2003 |
||
microsoft windows 2000 |