Vulnerabilities > CVE-2009-1511 - Resource Management Errors vulnerability in Microsoft Windows XP

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

microsoft

CWE-399

exploit available

NVD

Published: 2009-05-01

Updated: 2017-09-29

Summary

GDI+ in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (infinite loop) via a PNG file that contains a certain large btChunkLen value.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows XP *	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Exploit-Db

description	Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC. CVE-2009-1511. Dos exploit for windows platform
file	exploits/windows/dos/8466.pl
id	EDB-ID:8466
last seen	2016-02-01
modified	2009-04-17
platform	windows
port
published	2009-04-17
reporter	Code Audit Labs
source	https://www.exploit-db.com/download/8466/
title	Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC
type	dos

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References