Skip navigation
Menu
Security

Remote Code Execution in Microsoft Color Management Module

Reported July 12, 2005 by Microsoft

VERSIONS AFFECTED

           
Windows 98
Windows 2000
Windows XP
Windows Server 2003

DESCRIPTION

The JView Profiler contains a flaw in the way it processes International Color Code (ICC) profile format tags. The flaw could allow a remote intruder to take complete control of an affected system.

VENDOR RESPONSE

Microsoft released a security bulletin, "Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)," and an associated patch to correct the problem.

CREDIT

Discovered by Shih-hao Weng of Information & Communication Security Technology Center (ICST)

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading