CVE-2004-0200 - Unspecified vulnerability in Microsoft products

CVSS 9.3 - CRITICAL

  • Attack vector: NETWORK
  • Attack complexity: MEDIUM
  • Privileges required: NONE
  • Confidentiality impact: COMPLETE
  • Integrity impact: COMPLETE
  • Availability impact: COMPLETE

Tags: network, microsoft, critical, nessus, exploit available

Summary

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.

Exploit-Db

  • description: MS Windows JPEG GDI+ Overflow Download Shellcode Exploit (MS04-028). CVE-2004-0200. Remote exploit for windows platform
    id: EDB-ID:478
    last seen: 2016-01-31
    modified: 2004-09-25
    published: 2004-09-25
    reporter: ATmaCA
    source: https://www.exploit-db.com/download/478/
    title: Microsoft Windows - JPEG GDI+ Overflow Download Shellcode Exploit MS04-028
  • description: MS Windows JPEG GDI+ Overflow Administrator Exploit (MS04-028). CVE-2004-0200. Remote exploit for windows platform
    id: EDB-ID:475
    last seen: 2016-01-31
    modified: 2004-09-23
    published: 2004-09-23
    reporter: Elia Florio
    source: https://www.exploit-db.com/download/475/
    title: Microsoft Windows - JPEG GDI+ Overflow Administrator Exploit MS04-028
  • description: MS Windows JPEG Processing Buffer Overrun Exploit (MS04-028). CVE-2004-0200. Dos exploit for windows platform
    id: EDB-ID:474
    last seen: 2016-01-31
    modified: 2004-09-22
    published: 2004-09-22
    reporter: perplexy
    source: https://www.exploit-db.com/download/474/
    title: Microsoft Windows - JPEG Processing Buffer Overrun Exploit MS04-028
  • description: MS Windows JPEG GDI+ Remote Heap Overflow Exploit (MS04-028). CVE-2004-0200. Remote exploit for windows platform
    id: EDB-ID:480
    last seen: 2016-01-31
    modified: 2004-09-25
    published: 2004-09-25
    reporter: John Bissell
    source: https://www.exploit-db.com/download/480/
    title: Microsoft Windows - JPEG GDI+ Remote Heap Overflow Exploit MS04-028
  • description: MS Windows JPEG GDI+ Overflow Shellcoded Exploit. CVE-2004-0200. Remote exploit for windows platform
    id: EDB-ID:472
    last seen: 2016-01-31
    modified: 2004-09-22
    published: 2004-09-22
    reporter: FoToZ
    source: https://www.exploit-db.com/download/472/
    title: Microsoft Windows - JPEG GDI+ Overflow Shellcoded Exploit
  • description: MS Windows JPEG GDI+ All-In-One Bind/Reverse/Admin/FileDownload. CVE-2004-0200. Remote exploit for windows platform
    id: EDB-ID:556
    last seen: 2016-01-31
    modified: 2004-09-27
    published: 2004-09-27
    reporter: M4Z3R
    source: https://www.exploit-db.com/download/556/
    title: Microsoft Windows - JPEG GDI+ All-In-One Bind/Reverse/Admin/FileDownload

Nessus

  • NASL family: Windows : Microsoft Bulletins
    NASL id: SMB_NT_MS04-028.NASL
    description: The remote host is running a version of Windows that is vulnerable to a buffer overrun attack when viewing a JPEG file which could allow an attacker to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to send a malformed JPEG file to a user on the remote host and wait for him to open it using an affected Microsoft application.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 14724
    published: 2004-09-14
    reporter: This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/14724
    title: MS04-028: Buffer Overrun in JPEG Processing (833987)
  • NASL family: Backdoors
    NASL id: RADMIN_PORT_10002.NASL
    description: The remote host is running radmin - a remote administration tool - on port 10002. This indicates that an attacker may have exploited one of the flaws described in MS04-028 with a widely available exploit. As a result, anyone may connect to the remote host and gain control by logging into the remote radmin server.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 14834
    published: 2004-09-28
    reporter: This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/14834
    title: Radmin (Remote Administrator) Port 10002 - Possible GDI Compromise
  • NASL family: Backdoors
    NASL id: SMB_LOGIN_AS_X.NASL
    description: It was possible to log into the remote host with the login
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 14818
    published: 2004-09-24
    reporter: This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/14818
    title: MS04-028 Exploitation Backdoor Account Detection

Oval

  • accepted: 2006-01-04T08:04:00.000-04:00
    class: vulnerability
    contributors:
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    description: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family: windows
    id: oval:org.mitre.oval:def:1105
    status: accepted
    submitted: 2004-09-20T03:22:00.000-04:00
    title: GDI+ JPEG Parsing Engine Buffer Overflow (Server 2003)
    version: 65
  • accepted: 2014-01-20T04:00:16.348-05:00
    class: vulnerability
    contributors:
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    • name: John Hoyland
      organization: Centennial Software
    • name: John Hoyland
      organization: Centennial Software
    • name: Maria Kedovskaya
      organization: ALTX-SOFT
    description: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family: windows
    id: oval:org.mitre.oval:def:1721
    status: accepted
    submitted: 2004-09-24T04:32:00.000-04:00
    title: GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2003)
    version: 35
  • accepted: 2012-05-28T04:01:36.867-04:00
    class: vulnerability
    contributors:
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    • name: Jonathan Baker
      organization: The MITRE Corporation
    • name: Shane Shaffer
      organization: G2, Inc.
    definition_extensions:
    comment: Microsoft Office 2003 is installed
    oval: oval:org.mitre.oval:def:233
    description: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family: windows
    id: oval:org.mitre.oval:def:2706
    status: accepted
    submitted: 2004-09-24T12:00:00.000-04:00
    title: GDI+ JPEG Parsing Engine Buffer Overflow (Office 2003)
    version: 8
  • accepted: 2006-01-12T08:59:00.000-04:00
    class: vulnerability
    contributors:
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    description: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family: windows
    id: oval:org.mitre.oval:def:3038
    status: accepted
    submitted: 2004-09-27T12:00:00.000-04:00
    title: GDI+ JPEG Parsing Engine Buffer Overflow (Project 2002,SP1)
    version: 7
  • accepted: 2006-01-12T08:59:00.000-04:00
    class: vulnerability
    contributors:
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    description: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family: windows
    id: oval:org.mitre.oval:def:3082
    status: accepted
    submitted: 2004-09-27T12:00:00.000-04:00
    title: GDI+ JPEG Parsing Engine Buffer Overflow (Visio Pro 2002)
    version: 8
  • accepted: 2007-07-03T14:05:59.508-04:00
    class: vulnerability
    contributors:
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    definition_extensions:
    comment: Microsoft Office Visio 2003 is installed
    oval: oval:org.mitre.oval:def:1450
    description: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family: windows
    id: oval:org.mitre.oval:def:3320
    status: accepted
    submitted: 2004-09-27T12:00:00.000-04:00
    title: GDI+ JPEG Parsing Engine Buffer Overflow Microsoft Office Visio Pro 2003
    version: 10
  • accepted: 2006-01-12T08:59:00.000-04:00
    class: vulnerability
    contributors:
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    description: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family: windows
    id: oval:org.mitre.oval:def:3810
    status: accepted
    submitted: 2004-09-24T12:00:00.000-04:00
    title: GDI+ JPEG Parsing Engine Buffer Overflow (Project 2003)
    version: 7
  • accepted: 2006-01-12T08:59:00.000-04:00
    class: vulnerability
    contributors:
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    description: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family: windows
    id: oval:org.mitre.oval:def:3881
    status: accepted
    submitted: 2004-10-04T12:00:00.000-04:00
    title: GDI+ JPEG Parsing Engine Buffer Overflow (Office XP,SP2)
    version: 7
  • accepted: 2006-01-12T08:59:00.000-04:00
    class: vulnerability
    contributors:
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    description: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family: windows
    id: oval:org.mitre.oval:def:4003
    status: accepted
    submitted: 2004-09-20T03:32:00.000-04:00
    title: GDI+ JPEG Parsing Engine Buffer Overflow (Windows XP)
    version: 65
  • accepted: 2014-02-24T04:03:18.221-05:00
    class: vulnerability
    contributors:
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    • name: Clifford Farrugia
      organization: GFI Software
    • name: Maria Mikhno
      organization: ALTX-SOFT
    description: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family: windows
    id: oval:org.mitre.oval:def:4216
    status: accepted
    submitted: 2004-10-04T09:55:00.000-04:00
    title: GDI+ JPEG Parsing Engine Buffer Overflow (IE6)
    version: 11
  • accepted: 2014-01-20T04:01:19.269-05:00
    class: vulnerability
    contributors:
    • name: Ingrid Skoog
      organization: The MITRE Corporation
    • name: Robert L. Hollis
      organization: ThreatGuard, Inc.
    • name: John Hoyland
      organization: Centennial Software
    • name: John Hoyland
      organization: Centennial Software
    • name: Maria Kedovskaya
      organization: ALTX-SOFT
    description: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    family: windows
    id: oval:org.mitre.oval:def:4307
    status: accepted
    submitted: 2004-09-30T11:37:00.000-04:00
    title: GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2002)
    version: 34