Vulnerabilities > CVE-2009-1511 - Resource Management Errors vulnerability in Microsoft Windows XP

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
network
low complexity
microsoft
CWE-399
exploit available

Summary

GDI+ in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (infinite loop) via a PNG file that contains a certain large btChunkLen value.

Vulnerable Configurations

Part Description Count
OS
Microsoft
1

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionMicrosoft GDI Plugin .png Infinite Loop Denial of Service PoC. CVE-2009-1511. Dos exploit for windows platform
fileexploits/windows/dos/8466.pl
idEDB-ID:8466
last seen2016-02-01
modified2009-04-17
platformwindows
port
published2009-04-17
reporterCode Audit Labs
sourcehttps://www.exploit-db.com/download/8466/
titleMicrosoft GDI Plugin .png Infinite Loop Denial of Service PoC
typedos