iDefense Security Advisory 12.09.08 - Remote exploitation of an integer overflow vulnerability in multiple versions of Microsoft Corp.'s Windows operating system could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed that gdi32.dll file version 5.1.2600.3316, as included in fully patched Windows XP Service Pack 2 as of May 2008, is vulnerable. Other versions of Windows are suspected to be vulnerable.
68501cbdd911465db4d25283b8377fdde05b71c2c0c33e8d6509ecde49f62b47