CVE-2008-1083 in Windowsinfo

Summary

Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed header that triggers an integer overflow, aka "GDI Heap Overflow Vulnerability."

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

02/28/2008

Disclosure

04/08/2008

Moderation

VulDB entry created

Entries

VDB-3673 (2)

CPE

ready

CWE

CWE-119 (Confirmed)

Exploit

Download

CVSS

7.7

EPSS

0.52215

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-1083
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-1083
CVE Details	https://www.cvedetails.com/cve/CVE-2008-1083/

◂ Previous Overview Next ▸