Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:17208
HistoryJun 11, 2007 - 12:00 a.m.

CSIS Advisory: Microsoft GDI+ Integer division by zero flaw handling .ICO files

2007-06-1100:00:00
vulners.com
8
JSON

CSIS Security Group has discovered an "Integer division by zero" flaw in
the GDI+
component in Windows XP. This condition are activated when a malformed
ICO file
are viewed through either Windows Explorer or other components like
"Windows
Picture and Fax Viewer".

The consequence of this flaw is a Denial of Service condition and doing
a restart of
the explorer process.

Further exploitation has not been verified.

The full advisory can be downloaded at the following link:
http://www.csis.dk/dk/forside/GdiPlus.pdf

Best Regards
Dennis Rand
Malware/Security Researcher
CSIS Security Group
http://www.csis.dk

JSON