Signature Detail

HTTP: Microsoft Windows GDI Metafile Image Handling Heap Overflow

This signature detects attempts to exploit a known vulnerability in the Microsoft Windows GDI Metafile Handler. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.

Extended Description

Microsoft Windows is prone to a heap-based overflow vulnerability that resides in the GDI graphics library and can be triggered by a malformed EMF or WMF image file. A successful exploit of this vulnerability can allow a remote attacker to completely compromise the affected computer.

Affected Products

• HP Storage Management Appliance 2.1
• Microsoft Windows 2000 Advanced Server SP4
• Microsoft Windows 2000 Datacenter Server SP4
• Microsoft Windows 2000 Professional SP4
• Microsoft Windows 2000 Server SP4
• Microsoft Windows Server 2003 SP1
• Microsoft Windows Server 2003 SP2
• Microsoft Windows Server 2003 Datacenter Edition SP1
• Microsoft Windows Server 2003 Datacenter Edition Itanium SP1
• Microsoft Windows Server 2003 Datacenter x64 Edition SP2
• Microsoft Windows Server 2003 Enterprise Edition SP1
• Microsoft Windows Server 2003 Enterprise Edition Itanium SP1
• Microsoft Windows Server 2003 Enterprise x64 Edition SP2
• Microsoft Windows Server 2003 Itanium SP1
• Microsoft Windows Server 2003 Itanium SP2
• Microsoft Windows Server 2003 Standard Edition SP1
• Microsoft Windows Server 2003 Standard Edition SP2
• Microsoft Windows Server 2003 Web Edition SP1
• Microsoft Windows Server 2003 Web Edition SP2
• Microsoft Windows Server 2003 x64 SP2
• Microsoft Windows Server 2008 Datacenter Edition
• Microsoft Windows Server 2008 Enterprise Edition
• Microsoft Windows Server 2008 Standard Edition
• Microsoft Windows Vista Business
• Microsoft Windows Vista Business SP1
• Microsoft Windows Vista Enterprise
• Microsoft Windows Vista Enterprise SP1
• Microsoft Windows Vista Home Basic
• Microsoft Windows Vista Home Basic SP1
• Microsoft Windows Vista Home Premium
• Microsoft Windows Vista Home Premium SP1
• Microsoft Windows Vista SP1
• Microsoft Windows Vista Ultimate
• Microsoft Windows Vista Ultimate SP1
• Microsoft Windows Vista
• Microsoft Windows Vista Business 64-bit edition SP1
• Microsoft Windows Vista Business 64-bit edition
• Microsoft Windows Vista Enterprise 64-bit edition SP1
• Microsoft Windows Vista Enterprise 64-bit edition
• Microsoft Windows Vista Home Basic 64-bit edition SP1
• Microsoft Windows Vista Home Basic 64-bit edition
• Microsoft Windows Vista Home Premium 64-bit edition SP1
• Microsoft Windows Vista Home Premium 64-bit edition
• Microsoft Windows Vista Ultimate 64-bit edition SP1
• Microsoft Windows Vista Ultimate 64-bit edition
• Microsoft Windows XP Home SP2
• Microsoft Windows XP Media Center Edition SP2
• Microsoft Windows XP Professional SP2
• Microsoft Windows XP Professional x64 Edition SP2
• Microsoft Windows XP Tablet PC Edition SP2
• Nortel Networks CallPilot 1002Rp
• Nortel Networks CallPilot 200I
• Nortel Networks CallPilot 201I
• Nortel Networks CallPilot 702T
• Nortel Networks CallPilot 703T
• Research In Motion Blackberry Enterprise Server 4.0.3
• Research In Motion Blackberry Enterprise Server 4.0 SP3
• Research In Motion Blackberry Enterprise Server 4.1.3
• Research In Motion Blackberry Enterprise Server 4.1.4
• Research In Motion Blackberry Enterprise Server 4.1.5
• Research In Motion Blackberry Enterprise Server 4.1.6
• Research In Motion Blackberry Professional Software 4.1.4
• Research In Motion Blackberry Unite! 1.0
• Research In Motion Blackberry Unite! 1.0.1
• Research In Motion Blackberry Unite! 1.0.1 Bundle 36

References

• BugTraq: 28571
• BugTraq: 28570
• CVE: CVE-2008-1083
• CVE: CVE-2008-1087