exploits , vulnerabilities , articles , Microsoft GDI+ Malformed Office Object Memory Corruption Remote Code Execution Vulnerability

Title	Microsoft GDI+ Malformed Office Object Memory Corruption Remote Code Execution Vulnerability
Published	2009-10-13-12:00AM
Updated	2009-10-13-10:09PM
Class	Boundary Condition Error
CVE	CVE-2009-2528
Remote	Yes
Local	No
Credit	Marsu Pilami of VeriSign iDefense Labs
Vulnerable	Microsoft Office XP SP3 Microsoft Excel 2002 SP3 Microsoft Excel 2002 SP3 Microsoft FrontPage 2002 SP3 Microsoft FrontPage 2002 SP3 Microsoft Outlook 2002 SP3 Microsoft Outlook 2002 SP3 Microsoft PowerPoint 2002 SP3 Microsoft PowerPoint 2002 SP3 Microsoft Publisher 2002 SP3 Microsoft Publisher 2002 SP3 Microsoft Office XP SP2 Microsoft Windows 2000 Professional SP3 Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional Microsoft Windows 98 Microsoft Windows 98SE Microsoft Windows ME Microsoft Windows NT Workstation 4.0 SP6a Microsoft Windows NT Workstation 4.0 SP6 Microsoft Windows NT Workstation 4.0 SP5 Microsoft Windows NT Workstation 4.0 SP4 Microsoft Windows NT Workstation 4.0 SP3 Microsoft Windows NT Workstation 4.0 SP2 Microsoft Windows NT Workstation 4.0 SP1 Microsoft Windows NT Workstation 4.0 Microsoft Windows XP Home SP1 Microsoft Windows XP Home Microsoft Windows XP Professional SP1 Microsoft Windows XP Professional Microsoft Office XP SP1 Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional Microsoft Windows 98 Microsoft Windows ME Microsoft Windows NT Workstation 4.0 SP6a Microsoft Windows NT Workstation 4.0 SP6 Microsoft Windows NT Workstation 4.0 SP5 Microsoft Windows NT Workstation 4.0 SP4 Microsoft Windows NT Workstation 4.0 SP3 Microsoft Windows NT Workstation 4.0 SP2 Microsoft Windows NT Workstation 4.0 SP1 Microsoft Windows NT Workstation 4.0 Microsoft Windows XP Home Microsoft Windows XP Professional Microsoft Office XP Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional Microsoft Windows 98 Microsoft Windows ME Microsoft Windows NT Workstation 4.0 SP6a Microsoft Windows NT Workstation 4.0 SP6 Microsoft Windows NT Workstation 4.0 SP5 Microsoft Windows NT Workstation 4.0 SP4 Microsoft Windows NT Workstation 4.0 SP3 Microsoft Windows NT Workstation 4.0 SP2 Microsoft Windows NT Workstation 4.0 SP1 Microsoft Windows NT Workstation 4.0 Microsoft Windows XP Home Microsoft Windows XP Professional
Not Vulnerable
Code	Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: content@securitydot.net.
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-08 IBM InfoSphere Information Server Multiple Unspecified Buffer Overflow Vulnerabilities
• 2009-12-08 Novell iPrint Client Remote Buffer Overflow Vulnerabilities
• 2009-12-07 FFmpeg TCP/UDP Memory Leak Denial Of ServiceVulnerability
• 2009-12-04 Achievo Document Types Section Arbitrary File Upload Vulnerability
• 2009-12-04 Achievo Scheduler Category HTML Injection Vulnerability
• 2009-12-04 Yoast Google Analytics for WordPress Plugin 404 Error Page Cross Site Scripting Vulnerability
• 2009-12-04 DevIL DICOM File Handling Remote Buffer Overflow Vulnerability
• 2009-12-04 Invision Power Board Local File Include and SQL Injection Vulnerabilities
• 2009-12-04 Mozilla Firefox Yoono Extension DOM Event Handler Cross Domain Scripting Vulnerability
• 2009-12-04 UBB.threads Multiple File Include Vulnerabilities

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Tue, 08 Dec 2009 19:26:31 +0000