HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
2e4ffbf4438b0b0f934a05ed61e235bf9fb4fcd4accbe0150cd3979ef9ea1104
iDefense Security Advisory 08.12.08 - Remote exploitation of a heap buffer overflow vulnerability in the "BMPIMP32.FLT" filter module, as distributed with Microsoft Office, allows attackers to execute arbitrary code. The vulnerability specifically exists in the handling of Windows Bitmap (BMP) image files with malformed headers. By specifying a very large number of colors in the header, it is possible to cause controllable heap corruption, which can be leveraged to execute arbitrary code. iDefense confirmed that the "BMPIMP32.FLT" module installed with Microsoft Office XP SP3, including all patches as of May 24, 2006, is vulnerable. Other versions may also be vulnerable.
c369d53fc3514c335589aaa73929390220ce4db88b492cebeba1b267acc42c1e