SecurityHome.eu MS08-021 – Critical: Vulnerability in GDI Could Allow Remote Code Execution (948590)

Home / bulletins

MS08-021 – Critical: Vulnerability in GDI Could Allow Remote Code Execution (948590) - Version:1.2
Posted on 12 April 2008
There is an newer version: MS08-021 - Version: 1.2
Critical
Severity Rating: Critical - Revision Note: V1.2 (April 11, 2008): Bulletin updated to remove a reference to unsupported software in the Vulnerability FAQs.Summary: This critical security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted EMF or WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Link
Other versions
MS08-021 - Version: 1.0
MS08-021 - Version: 1.1
MS08-021 - Version: 1.2
MS08-021 - Version: 1.2

TOP

Bulletins :

4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 2.0 -
4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0 -
4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 1.0 -
MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - 1.1
MS16-JUL Security Bulletin Summary for July 2016 - 2.0

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20