oval:org.mitre.oval:def:4216

Definition Id: oval:org.mitre.oval:def:4216

Oval ID:	oval:org.mitre.oval:def:4216
Title:	GDI+ JPEG Parsing Engine Buffer Overflow (IE6)
Description:	Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0200	Version:	6
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
Windows 2000 is installed AND Internet Explorer 6 Service Pack 1 is installed AND the version of vgx.dll is less than 6.0.2800.1411