CVE-2007-5348

CVE	CVE-2007-5348
State	PUBLISHED
Assigner	microsoft
Source Priority	CVE Program / NVD first with legacy fallback
Published	2008-09-11 01:01:19 UTC
Updated	2026-04-23 00:35:47 UTC
Description	Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka "GDI+ VML Buffer Overrun Vulnerability."

Primary CVSS: v2.0 9.3 from [email protected]

AV:N/AC:M/Au:N/C:C/I:C/A:C

Problem Types: CWE-189 | n/a

Access Vector

Network

Access Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Type	Vendor	Product	Version	Update	Edition	Language
Application	Microsoft	Digital Image Suite	2006	All	All	All
Application	Microsoft	Forefront Client Security	1.0	All	All	All
Application	Microsoft	Internet Explorer	6	sp1	All	All
Application	Microsoft	Office	2003	sp2	All	All
Application	Microsoft	Office	2003	sp3	All	All
Application	Microsoft	Office	xp	sp3	All	All
Application	Microsoft	Office Powerpoint Viewer	2003	All	All	All
Operating System	Microsoft	Office System	All	gold	All	All
Operating System	Microsoft	Office System	All	sp1	All	All
Application	Microsoft	Report Viewer	2005	sp1	All	All
Application	Microsoft	Report Viewer	2008	All	All	All
Application	Microsoft	Server	2008	All	All	All
Application	Microsoft	Sql Server	2005	sp2	All	All
Application	Microsoft	Sql Server Reporting Services	2000	sp2	All	All
Application	Microsoft	Visio	2002	sp2	All	All
Operating System	Microsoft	Windows	2003_server	sp1	All	All
Operating System	Microsoft	Windows	2003_server	sp2	All	All
Operating System	Microsoft	Windows-nt	vista	All	gold	All
Operating System	Microsoft	Windows-nt	xp	sp3	All	All
Operating System	Microsoft	Windows Vista	-	sp1	All	All
Operating System	Microsoft	Windows Xp	-	sp2	All	All
Application	Microsoft	Works	8.0	All	All	All

Source	Vendor	Product	Version	Platforms
CNA	Na	N/a	affected n/a	Not specified

Reference	Source	Link	Tags
Microsoft GDI+ VML Heap-Based Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
Repository / Oval Repository	af854a3a-2127-422b-91ae-364da2661108	oval.cisecurity.org
US-CERT Technical Cyber Security Alert TA08-253A -- Microsoft Updates for Multiple Vulnerabilities	af854a3a-2127-422b-91ae-364da2661108	www.us-cert.gov	US Government Resource
Public Advisory: 09.09.08 // iDefense Labs	af854a3a-2127-422b-91ae-364da2661108	labs.idefense.com
Microsoft Security Bulletin MS08-052 - Critical \| Microsoft Docs	af854a3a-2127-422b-91ae-364da2661108	docs.microsoft.com
WinZip GDI+ Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
Webmail - OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com	Vendor Advisory
SecurityTracker: Microsoft GDI+ Heap Overflow in Processing Gradient Sizes Lets Remote Users Execute Arbitrary Code	af854a3a-2127-422b-91ae-364da2661108	www.securitytracker.com
Webmail - OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com	Vendor Advisory
marc.info	af854a3a-2127-422b-91ae-364da2661108	marc.info
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.