Secunia Security Advisory - Multiple vulnerabilities have been reported in various Microsoft products, which can be exploited by malicious people to compromise a vulnerable system.
98e4481e71a64cfc03dffb3415120955964cb4515273da9613d2ec24f514150b
----------------------------------------------------------------------
We have updated our website, enjoy!
http://secunia.com/
----------------------------------------------------------------------
TITLE:
Microsoft Products GDI+ Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA31675
VERIFY ADVISORY:
http://secunia.com/advisories/31675/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
>From remote
OPERATING SYSTEM:
Microsoft Windows XP Professional
http://secunia.com/product/22/
Microsoft Windows XP Home Edition
http://secunia.com/product/16/
Microsoft Windows Vista
http://secunia.com/product/13223/
Microsoft Windows Storage Server 2003
http://secunia.com/product/12399/
Microsoft Windows Server 2008
http://secunia.com/product/18255/
Microsoft Windows Server 2003 Web Edition
http://secunia.com/product/1176/
Microsoft Windows Server 2003 Standard Edition
http://secunia.com/product/1173/
Microsoft Windows Server 2003 Enterprise Edition
http://secunia.com/product/1174/
Microsoft Windows Server 2003 Datacenter Edition
http://secunia.com/product/1175/
SOFTWARE:
SQL Server 2000 Reporting Services
http://secunia.com/product/19776/
Microsoft Works 8.x
http://secunia.com/product/7215/
Microsoft Visual Studio 2008
http://secunia.com/product/17277/
Microsoft Visual Studio 2005
http://secunia.com/product/6779/
Microsoft Visual Studio .NET 2003
http://secunia.com/product/1086/
Microsoft Visual Studio .NET 2002
http://secunia.com/product/1087/
Microsoft Visual FoxPro 9.x
http://secunia.com/product/15503/
Microsoft Visual FoxPro 8.x
http://secunia.com/product/412/
Microsoft Visio 2002
http://secunia.com/product/1091/
Microsoft SQL Server 2005 Express Edition
http://secunia.com/product/6479/
Microsoft SQL Server 2005 Compact Edition 3.x
http://secunia.com/product/15845/
Microsoft SQL Server 2005
http://secunia.com/product/6782/
Microsoft Report Viewer 2005
http://secunia.com/product/14769/
Microsoft Platform SDK Redistributable: GDI+
http://secunia.com/product/19777/
Microsoft Office XP
http://secunia.com/product/23/
Microsoft Office PowerPoint 2003 Viewer
http://secunia.com/product/4033/
Microsoft Office 2007
http://secunia.com/product/13228/
Microsoft Office 2003 Student and Teacher Edition
http://secunia.com/product/2278/
Microsoft Office 2003 Standard Edition
http://secunia.com/product/2275/
Microsoft Office 2003 Small Business Edition
http://secunia.com/product/2277/
Microsoft Office 2003 Professional Edition
http://secunia.com/product/2276/
Microsoft Internet Explorer 6.x
http://secunia.com/product/11/
Microsoft Forefront Client Security 1.x
http://secunia.com/product/17290/
Microsoft Digital Image 2006 11.x
http://secunia.com/product/7791/
Microsoft .NET Framework 2.x
http://secunia.com/product/6456/
Microsoft .NET Framework 1.x
http://secunia.com/product/667/
Microsoft Report Viewer 2008
http://secunia.com/product/19778/
DESCRIPTION:
Multiple vulnerabilities have been reported in various Microsoft
products, which can be exploited by malicious people to compromise a
vulnerable system.
1) An error in the way GDI+ handles gradient sizes can be exploited
to cause a heap-based buffer overflow via a specially crafted file.
2) An error in the way GDI+ processes EMF files can be exploited to
cause memory corruption via a specially crafted EMF image file.
3) An error in the way GDI+ parses records in GIF images can be
exploited via a specially crafted GIF image file.
4) An error in the way GDI+ parses WMF files can be exploited to
cause a buffer overflow via a specially crafted WMF image file.
5) An integer overflow in GDI+ when parsing BMP file headers can be
exploited to cause a buffer overflow via a specially crafted BMP
image file.
Successful exploitation of the vulnerabilities may allow execution of
arbitrary code.
SOLUTION:
Apply patches.
Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=e0bd6fbe-f46e-4961-9a79-49ec77d39439
Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=c5d26771-1f49-4bbf-902c-bf92e527cadb
Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=ac03f138-eca4-46e1-9782-e811820e547f
Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=93f1451b-5b62-47e5-8f0c-b720b957999a
Windows Server 2003 with SP1/SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=14e99f8a-cdd4-40d7-8cfc-73ae6bd6dfad
Windows Vista (optionally with SP1):
http://www.microsoft.com/downloads/details.aspx?familyid=16f3ad21-ed77-4c32-93df-3b650b2b32a5
Windows Vista x64 Edition (optionally with SP1):
http://www.microsoft.com/downloads/details.aspx?familyid=aa47d016-f5c9-4586-8876-f1f4f255f54d
Windows Server 2008 for 32-bit Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=23bd3be5-cc66-46f8-9420-49d65d8afe1d
Windows Server 2008 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=7f1e0f05-6c9d-4ad1-9b19-50ee4fa7bd7e
Windows Server 2008 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=5159bdba-3825-4816-a2be-ab035332b9e2
Internet Explorer 6 SP1 (Windows 2000 SP4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=a860d2d9-653d-4ddb-bbff-323d3ccdb866
Microsoft .NET Framework 1.0 SP3 (Windows 2000 SP4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=C7CBCD19-ACC1-4A89-ADFA-99B2F431510D
Microsoft .NET Framework 1.1 SP1 (Windows 2000 SP4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=6013F866-3EA1-4672-B1BF-E516204C3A7A
Microsoft .NET Framework 2.0 (Windows 2000 SP4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=7F1CD013-2C4B-4582-9114-CB840A96124A
Microsoft .NET Framework 2.0 SP1 (Windows 2000 SP4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=215B73A3-46AB-44A8-A0FB-6D37BD1C39B8
Microsoft Office XP SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=ef3de64c-fc17-4500-9da4-a3bba97fda6d
Microsoft Office 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=e9f8e309-d721-4bab-b485-5eede8d49eb8
Microsoft Office 2003 SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=e9f8e309-d721-4bab-b485-5eede8d49eb8
2007 Microsoft Office System:
http://www.microsoft.com/downloads/details.aspx?familyid=4b656fe8-6253-490c-a81a-e4e8f0bb58d2
2007 Microsoft Office System SP1:
http://www.microsoft.com/downloads/details.aspx?familyid=4b656fe8-6253-490c-a81a-e4e8f0bb58d2
Microsoft Visio 2002 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=a6d9d3ef-f087-4f61-9ec1-522b7d4b9c48
Microsoft Office PowerPoint Viewer 2003:
http://www.microsoft.com/downloads/details.aspx?familyid=cd503f08-1831-45ff-bdf4-dd918ca40505
Microsoft Works 8:
http://www.microsoft.com/downloads/details.aspx?familyid=EB0D224E-A517-40D9-9FC6-2345FA12A841
Microsoft Digital Image Suite 2006:
http://www.microsoft.com/downloads/details.aspx?familyid=04afd760-8173-4069-9e82-d3bf053d9eae
SQL Server 2000 Reporting Services SP2 (QFE):
http://www.microsoft.com/downloads/details.aspx?familyid=5F9E7F78-7439-414B-A9DC-A779B89427DB
SQL Server 2005 SP2 (GDR):
http://www.microsoft.com/downloads/details.aspx?familyid=4603C722-2468-4ADB-B945-2ED0458B8F47
SQL Server 2005 SP2 (QFE):
http://www.microsoft.com/downloads/details.aspx?familyid=5148B887-F323-4ADB-9721-61E1C0CFD213
SQL Server 2005 x64 Edition SP2 (GDR):
http://www.microsoft.com/downloads/details.aspx?familyid=4603C722-2468-4ADB-B945-2ED0458B8F47
SQL Server 2005 x64 Edition SP2 (QFE):
http://www.microsoft.com/downloads/details.aspx?familyid=5148B887-F323-4ADB-9721-61E1C0CFD213
SQL Server 2005 for Itanium-based Systems SP2 (GDR):
http://www.microsoft.com/downloads/details.aspx?familyid=4603C722-2468-4ADB-B945-2ED0458B8F47
SQL Server 2005 for Itanium-based Systems SP2 (QFE):
http://www.microsoft.com/downloads/details.aspx?familyid=5148B887-F323-4ADB-9721-61E1C0CFD213
Microsoft Visual Studio .NET 2002 SP1:
http://www.microsoft.com/downloads/details.aspx?familyid=7848A652-4025-44BB-9C98-37A078B56D01
Microsoft Visual Studio .NET 2003 SP1:
http://www.microsoft.com/downloads/details.aspx?familyid=9BC1E8F8-6C30-4AA0-90F5-FBB0AD5FD90E
Microsoft Visual Studio 2005 SP1:
http://www.microsoft.com/downloads/details.aspx?familyid=A7BF790B-3249-4EE8-9440-FA911EBBC08A
Microsoft Visual Studio 2008:
http://www.microsoft.com/downloads/details.aspx?familyid=A8C80B29-6D00-4949-A005-5D706122919A
Microsoft Report Viewer 2005 SP1 Redistributable Package:
http://www.microsoft.com/downloads/details.aspx?familyid=82833F27-081D-4B72-83EF-2836360A904D
Microsoft Report Viewer 2008 Redistributable Package:
http://www.microsoft.com/downloads/details.aspx?familyid=6AE0AA19-3E6C-474C-9D57-05B2347456B1
Microsoft Visual FoxPro 8.0 SP1 (Windows 2000 SP4):
http://www.microsoft.com/downloads/details.aspx?familyid=1F4371B9-B8BE-4455-94D2-2304EE340543
Microsoft Visual FoxPro 9.0 SP1 (Windows 2000 SP4):
http://www.microsoft.com/downloads/details.aspx?familyid=49B21E30-722D-446E-9020-ACEB3870DB69
Microsoft Visual FoxPro 9.0 SP2 (Windows 2000 SP4):
http://www.microsoft.com/downloads/details.aspx?familyid=36957F47-9D8B-477D-BD60-5959E5A2EAFA
Microsoft Platform SDK Redistributable: GDI+:
http://www.microsoft.com/downloads/details.aspx?FamilyId=6A63AB9C-DF12-4D41-933C-BE590FEAA05A
Microsoft Forefront Client Security 1.0 (Windows 2000 SP4):
http://www.microsoft.com/downloads/details.aspx?familyid=1EB1A79F-44CA-499E-90BB-AC51894E9D1E
PROVIDED AND/OR DISCOVERED BY:
1) The vendor credits Greg MacManus, iDefense Labs.
2) The vendor credits Bing Liu, Fortinet.
3) The vendor credits Ivan Fratric via ZDI and Peter Winter-Smith,
NGSSoftware.
4) The vendor credits Assurent Secure Technologies.
5) The vendor credits an anonymous person via ZDI.
ORIGINAL ADVISORY:
MS08-052 (KB954593):
http://www.microsoft.com/technet/security/Bulletin/MS08-052.mspx
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------