Microsoft Windows Explorer BMP Image Denial of Service Vulnerability
BID:23321
Info
Microsoft Windows Explorer BMP Image Denial of Service Vulnerability
| Bugtraq ID: | 23321 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 04 2007 12:00AM |
| Updated: | Apr 05 2007 10:12PM |
| Credit: | Ivan Fratric is credited with the discovery of this issue. |
| Vulnerable: |
Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Professional SP1 Microsoft Windows XP Media Center Edition SP1 Microsoft Windows XP Home SP1 Microsoft Windows XP Embedded SP1 Microsoft Windows XP 64-bit Edition Version 2003 SP1 |
| Not Vulnerable: | |
Discussion
Microsoft Windows Explorer BMP Image Denial of Service Vulnerability
Windows Explorer is prone to a denial-of-service vulnerability.
Few technical details regarding this issue are currently available. This BID will be updated as more information emerges.
An attacker could exploit this issue to cause denial-of-service conditions on a victim compute. Presumably, this issue stems from a buffer overflow, but this has not been confirmed.
This issue affects Windows XP SP1; other operating systems and versions may be affected as well.
Windows Explorer is prone to a denial-of-service vulnerability.
Few technical details regarding this issue are currently available. This BID will be updated as more information emerges.
An attacker could exploit this issue to cause denial-of-service conditions on a victim compute. Presumably, this issue stems from a buffer overflow, but this has not been confirmed.
This issue affects Windows XP SP1; other operating systems and versions may be affected as well.
Exploit / POC
Microsoft Windows Explorer BMP Image Denial of Service Vulnerability
To exploit this issue, an attacker must entice an unsuspecting user to view a specially crafted BMP image in 'Thumbnail' view or to open it in Explorer.
To exploit this issue, an attacker must entice an unsuspecting user to view a specially crafted BMP image in 'Thumbnail' view or to open it in Explorer.
Solution / Fix
Microsoft Windows Explorer BMP Image Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Microsoft Windows Explorer BMP Image Denial of Service Vulnerability
References:
References:
- Microsoft Windows Homepage (Microsoft )
- Several Windows image viewers vulnerabilities (Ivan Fratric)