Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor (aka graphics rendering engine) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted .MIC or unspecified Office document containing a thumbnail bitmap with a negative biClrUsed value, as reported by Moti and Xu Hao, aka "Windows Shell Graphics Processing Overrun Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows Shell图形处理器shimgvw.dll CreateSizedDIBSECTION函数栈缓冲区溢出漏洞
Vulnerability Description
Microsoft Windows Shell图形处理器(graphics rendering engine)的shimgvw.dll中的CreateSizedDIBSECTION函数中存在基于栈的缓冲区溢出漏洞。远程攻击者可借助畸形的.MIC或包含带有负biClrUsed值缩略位图的未明Office文档执行任意代码。 该漏洞位于Microsoft Windows XP SP2和SP3版本,Server 2003 SP2版本,Vista SP1和SP2版本,以及Server 2008 Gold和SP2版本
CVSS Information
N/A
Vulnerability Type
N/A