GDI Library Could Be Used to Cause DoS


Reported March 17, 2005, by Hongzhen Zhou

VERSIONS AFFECTED

         Windows 2000 platforms

DESCRIPTION

The graphics device interface (GDI) library lacks validity checking, and this oversight could allow a specially crafted Enhanced MetaFile (EMF) to cause a denial of service (DoS) by crashing an affected application.

VENDOR RESPONSE

No patch is available yet to correct this problem.

CREDIT
Discovered by Hongzhen Zhou

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish