CVE-2004-0200
published 2004-09-28CVE-2004-0200: Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
EXPLOIT
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | digital_image_pro | — | — |
| microsoft | digital_image_pro | — | — |
| microsoft | digital_image_suite | — | — |
| microsoft | excel | — | — |
| microsoft | excel | — | — |
| microsoft | frontpage | — | — |
| microsoft | frontpage | — | — |
| microsoft | greetings | — | — |
| microsoft | infopath | — | — |
| microsoft | net_framework | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | onenote | — | — |
| microsoft | outlook | — | — |
| microsoft | outlook | — | — |
| microsoft | picture_it | — | — |
| microsoft | picture_it | — | — |
| microsoft | picture_it | — | — |
| microsoft | powerpoint | — | — |
| microsoft | powerpoint | — | — |
| microsoft | project | — | — |
| microsoft | project | — | — |
| microsoft | publisher | — | — |
| microsoft | publisher | — | — |
| microsoft | visio | — | — |