Wednesday, September 10, 2008

Windows GDI+ GIF memory corruption

There is a memory corruption vulnerability in GIF file processing in Microsoft GDI+ that can be used to crash a vulnerable application and potentially execute arbitrary code.

The vulnerability

The vulnerability is caused due to improper handling of graphic control extension when processing malformed GIF files. The vulnerability can be triggered if a large number of extension markers (0x21) followed by unknown labels is found when processing a GIF file.


This vulnerability can be used to corrupt memory of any application utilizing GDI+ for GIF file decoding if it is used to open a malformed GIF file. This could lead to code execution with the privileges of the user running the vulnerable application.



Shiny Tinu said...

Thanks for sharing wonderful blog. For Embedded Training in Chennai Visit Fita Academy Embedded system Training in Chennai

aliya seen said...

If you are using shopify theme manager you can design anything without content.

Cynthia D. Fagan said...

Most of the parents seems to gives the greed to their child as if they do focus on their study and got some good grades then they will get them a new car or something like that of their choice.visit the website

odms said...

I like your post....Thanks for your valuable information.

, seo services in hyderabad

janaki sree ram said...

Nice information thanks for sharing
Best SEO consultant in Chennai

Brn Infotech said...

Thanks for posting the useful information to my vision. This is excellent information,.
iphone app training course

Web Design And Development Company said...

your blog is very nice and the information is very useful for us.
Web design and development company

Android Mobile App Development said...

hello, Thanks for sharing this information.

We are one of the most trusted Android Mobile App Development and IOS application development
to meet your business complex requirement through the offshore world.
Do you have the project and want to discuss with us? We can assist you in Web Application Development, Mobile App development, Games Development & Emerging Technology.

trendingjobz said...

Nice blog..! I really loved reading through this article. Thanks for sharing such a amazing post with us and keep blogging...
call centre training services in hyd

kavya sharma said...

Generic ecplusa
Myhepall in Thailand
Myhepall in Romania
Myhepall in Russia
Myhepall in Italy

mobile application development said...

Amazing Post. Your writing is very inspiring. Thanks for Posting.
Mobile App Development Company in chennai
mobile app development chennai
Mobile application development company in chennai
Mobile application development chennai
Mobile apps development companies in chennai
enterprise mobile app development company

Java application development said...

I have perused your blog its appealing and noteworthy. I like it your blog.
Java application development company
Java development company
Java outsourcing company
Hire java developer
java web development services

Software development company said...

I have scrutinized your blog its engaging and imperative. I like it your blog.
custom application development services
Software development company
software application development company
offshore software development company
custom software development company

best ppc company in india said...

I have inspected your blog its associating with and essential. I like it your blog.
ppc services in india
best ppc company in india
ppc services india
ppc advertising services
ppc services company

Digitalmarketing said...

I have perused your blog its appealing and noteworthy. I like it your blog.
digital marketing company in chennai,
digital marketing agency in india,
digital marketing company in chennai,
online marketing company in chennai,
digital marketing company in india,
digital marketing services,
digital marketing company