seeing is believing
Showing 1 - 8 of 8 RSS Feed

CVE-2004-0200

Status Candidate

Overview

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.

Related Files

sacred_jpg.c
Posted Oct 7, 2004
Authored by Crypto

GDI+ buffer overrun exploit that builds a malicious .JPG file.

tags | exploit, overflow
advisories | CVE-2004-0200
MD5 | 4cd6913e57956a3bb37690712ce74cb3
JpegOfDeathAll.c
Posted Sep 29, 2004
Authored by M4Z3R

GDI+ JPEG remote exploit that is a modified version of the FoToZ exploit that has reverse connect-back functionality as well as a bind feature that will work with all NT based OSes. This even-moreso enhanced version also has the ability add a user to the administrative group and can perform a file download.

tags | exploit, remote
advisories | CVE-2004-0200
MD5 | f7f34642b20f482a8ce7f619bb239501
JpgDownloader.c
Posted Sep 29, 2004
Authored by ATmaCA | Site prohack.net

Microsoft Windows JPEG GDI+ Overflow Download Shellcoded exploit.

tags | exploit, overflow, shellcode
systems | windows
advisories | CVE-2004-0200
MD5 | aa804f40ffe756a77f4906e51432550e
JpegOfDeath.c
Posted Sep 29, 2004
Authored by John Bissell A.K.A. HighT1mes

GDI+ JPEG remote exploit that is a modified version of the FoToZ exploit that has reverse connect-back functionality as well as a bind feature that will work with all NT based OSes.

tags | exploit, remote
advisories | CVE-2004-0200
MD5 | f782b4f39d2b36dae9a9c07dd5d1f11e
ms04-028-cmd.c
Posted Sep 29, 2004
Authored by FoToZ

Microsoft Windows proof of concept JPEG GDI+ overflow shellcoded exploit that launches a local cmd.exe.

tags | exploit, overflow, local, shellcode, proof of concept
systems | windows
advisories | CVE-2004-0200
MD5 | fbed06712fd1e70c91a66c5074f84768
Technical Cyber Security Alert 2004-260A
Posted Sep 17, 2004
Authored by US-CERT | Site cert.org

Technical Cyber Security Alert TA04-260A - Microsoft's Graphic Device Interface Plus (GDI+) contains a vulnerability in the processing of JPEG images. This vulnerability may allow attackers to remotely execute arbitrary code on the affected system. Exploitation may occur as the result of viewing a malicious web site, reading an HTML-rendered email message, or opening a crafted JPEG image in any vulnerable application. The privileges gained by a remote attacker depend on the software component being attacked.

tags | advisory, remote, web, arbitrary
advisories | CVE-2004-0200
MD5 | 48fc2f0a102082a846aaac33df78ce20
jpegcompoc.zip
Posted Sep 17, 2004
Site gulftech.org

Proof of concept exploit for the recent JPEG buffer overrun vulnerability that crashes any Windows XP system that has not been patched for this flaw.

tags | exploit, overflow, proof of concept
systems | windows, xp
advisories | CVE-2004-0200
MD5 | 4ad5d8988446467319a2cc56f786cbfb
ms04-028.html
Posted Sep 15, 2004
Authored by Nick DeBaggis | Site microsoft.com

Microsoft Security Advisory MS04-028 - A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. Any program that processes JPEG images on the affected systems could be vulnerable to this attack, and any system that uses the affected programs or components could be vulnerable to this attack. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

tags | advisory, remote, overflow, code execution
advisories | CVE-2004-0200
MD5 | 59ad7ae61e6c37eb9c10b64767d254cf
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close