Signature Detail

HTTP: Microsoft Windows Kernel GDI32 Polyline Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Microsoft Windows Kernel GDI32 Polyline. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected user.

Extended Description

Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious EMF or WMF image file. Successfully exploiting this issue will allow attackers to execute arbitrary code with kernel-level privileges, completely compromising affected computers. Failed exploit attempts will result in a denial-of-service condition.

Affected Products

• Avaya messaging_application_server MM 1.1
• Avaya messaging_application_server MM 2.0
• Avaya messaging_application_server MM 3.0
• Avaya messaging_application_server MM 3.1
• Avaya messaging_application_server
• Microsoft windows_2000_advanced_server SP1
• Microsoft windows_2000_advanced_server SP2
• Microsoft windows_2000_advanced_server SP3
• Microsoft windows_2000_advanced_server SP4
• Microsoft windows_2000_advanced_server
• Microsoft windows_2000_datacenter_server SP1
• Microsoft windows_2000_datacenter_server SP2
• Microsoft windows_2000_datacenter_server SP3
• Microsoft windows_2000_datacenter_server SP4
• Microsoft windows_2000_datacenter_server
• Microsoft windows_2000_professional SP1
• Microsoft windows_2000_professional SP2
• Microsoft windows_2000_professional SP3
• Microsoft windows_2000_professional SP4
• Microsoft windows_2000_professional
• Microsoft windows_2000_server SP1
• Microsoft windows_2000_server SP2
• Microsoft windows_2000_server SP3
• Microsoft windows_2000_server SP4
• Microsoft windows_2000_server
• Microsoft windows_7 Beta
• Microsoft windows_server_2003 SP2
• Microsoft windows_server_2003_datacenter_edition SP1
• Microsoft windows_server_2003_datacenter_edition
• Microsoft windows_server_2003_datacenter_edition_itanium SP1
• Microsoft windows_server_2003_datacenter_edition_itanium SP1 Beta 1
• Microsoft windows_server_2003_datacenter_edition_itanium
• Microsoft windows_server_2003_datacenter_x64_edition SP2
• Microsoft windows_server_2003_datacenter_x64_edition
• Microsoft windows_server_2003_enterprise_edition SP1
• Microsoft windows_server_2003_enterprise_edition SP1 Beta 1
• Microsoft windows_server_2003_enterprise_edition
• Microsoft windows_server_2003_enterprise_edition_itanium SP1
• Microsoft windows_server_2003_enterprise_edition_itanium SP1 Beta 1
• Microsoft windows_server_2003_enterprise_edition_itanium
• Microsoft windows_server_2003_enterprise_x64_edition SP2
• Microsoft windows_server_2003_enterprise_x64_edition
• Microsoft windows_server_2003_itanium SP1
• Microsoft windows_server_2003_itanium SP2
• Microsoft windows_server_2003_itanium
• Microsoft windows_server_2003_standard_edition SP1
• Microsoft windows_server_2003_standard_edition SP2
• Microsoft windows_server_2003_standard_edition
• Microsoft windows_server_2003_standard_x64_edition
• Microsoft windows_server_2003_terminal_services
• Microsoft windows_server_2003_web_edition SP1
• Microsoft windows_server_2003_web_edition SP2
• Microsoft windows_server_2003_web_edition
• Microsoft windows_server_2003_x64 SP1
• Microsoft windows_server_2003_x64 SP2
• Microsoft windows_server_2008 SP2 Beta
• Microsoft windows_server_2008_for_32-bit_systems
• Microsoft windows_server_2008_for_itanium-based_systems
• Microsoft windows_server_2008_for_x64-based_systems
• Microsoft windows_vista Business
• Microsoft windows_vista Business SP1
• Microsoft windows_vista Enterprise
• Microsoft windows_vista Enterprise SP1
• Microsoft windows_vista Home Basic
• Microsoft windows_vista Home Basic SP1
• Microsoft windows_vista Home Premium
• Microsoft windows_vista Home Premium SP1
• Microsoft windows_vista SP1
• Microsoft windows_vista SP2 Beta
• Microsoft windows_vista Ultimate
• Microsoft windows_vista Ultimate SP1
• Microsoft windows_vista
• Microsoft windows_vista_business_64-bit_edition SP1
• Microsoft windows_vista_business_64-bit_edition
• Microsoft windows_vista_enterprise_64-bit_edition SP1
• Microsoft windows_vista_enterprise_64-bit_edition
• Microsoft windows_vista_home_basic_64-bit_edition SP1
• Microsoft windows_vista_home_basic_64-bit_edition
• Microsoft windows_vista_home_premium_64-bit_edition SP1
• Microsoft windows_vista_home_premium_64-bit_edition
• Microsoft windows_vista_ultimate_64-bit_edition SP1
• Microsoft windows_vista_ultimate_64-bit_edition
• Microsoft windows_vista_x64_edition SP1
• Microsoft windows_vista_x64_edition
• Microsoft windows_xp
• Microsoft windows_xp_64-bit_edition SP1
• Microsoft windows_xp_64-bit_edition
• Microsoft windows_xp_home SP1
• Microsoft windows_xp_home SP2
• Microsoft windows_xp_home SP3
• Microsoft windows_xp_media_center_edition SP1
• Microsoft windows_xp_media_center_edition SP2
• Microsoft windows_xp_media_center_edition SP3
• Microsoft windows_xp_media_center_edition
• Microsoft windows_xp_professional SP1
• Microsoft windows_xp_professional SP2
• Microsoft windows_xp_professional SP3
• Microsoft windows_xp_professional
• Microsoft windows_xp_professional_x64_edition SP2
• Microsoft windows_xp_professional_x64_edition SP3
• Microsoft windows_xp_professional_x64_edition
• Microsoft windows_xp_tablet_pc_edition SP1
• Microsoft windows_xp_tablet_pc_edition SP2
• Microsoft windows_xp_tablet_pc_edition SP3
• Microsoft windows_xp_tablet_pc_edition
• Nortel_networks callpilot 1002Rp
• Nortel_networks callpilot 1005R
• Nortel_networks callpilot 201I
• Nortel_networks callpilot 600R
• Nortel_networks callpilot 703T
• Nortel_networks self-service-ccss7
• Nortel_networks self-service_media_processing_server
• Nortel_networks self-service_mps_100
• Nortel_networks self-service_mps_1000
• Nortel_networks self-service_mps_500
• Nortel_networks self-service_peri_application
• Nortel_networks self-service_peri_workstation
• Nortel_networks self-service_speech_server
• Nortel_networks self_service_voicexml
• Nortel_networks self-service_wvads

References

• BugTraq: 34012
• CVE: CVE-2009-0081