This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2008-12-10
Product Windows Server 2003 Last view 2008-12-10
Version * Type Os
Update x64  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_server_2003

Activity : Overall

Related : CVE

  Date Alert Description
9.3 2008-12-10 CVE-2008-3465

Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WMF file with a malformed file-size parameter, which would not be properly handled by a third-party application that uses this API for a copy operation, aka "GDI Heap Overflow Vulnerability."

9.3 2008-12-10 CVE-2008-2249

Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a malformed header in a crafted WMF file, which triggers a buffer overflow, aka "GDI Integer Overflow Vulnerability."

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-189 Numeric Errors
50% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
50562 Microsoft Windows GDI WMF Image Size Parameter Parsing Overflow
50561 Microsoft Windows GDI WMF Image Parsing Integer Math Overflow

OpenVAS Exploits

id Description
2008-12-10 Name : Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
File : nvt/secpod_ms08-071.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2008-A-0086 Microsoft GDI Remote Code Execution Vulnerabilities
Severity: Category II - VMSKEY: V0017910

Snort® IPS/IDS

Date Description
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43362 - Type : FILE-IMAGE - Revision : 2
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43361 - Type : FILE-IMAGE - Revision : 2
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43360 - Type : FILE-IMAGE - Revision : 2
2017-08-01 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 43359 - Type : FILE-IMAGE - Revision : 2
2014-01-10 Microsoft GDI WMF file parsing integer overflow attempt
RuleID : 15105 - Type : FILE-IMAGE - Revision : 19

Nessus® Vulnerability Scanner

id Description
2008-12-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_nt_ms08-071.nasl - Type: ACT_GATHER_INFO