CVE-2008-2245
Published 2008-08-13
Priority: P264, critical
CVSS 2.0: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
EXPLOIT
EPSS: 46.14% (98.7th percentile)
Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file.
Detection & IOCs (extracted from sources)
- Vulnerability is triggered via a crafted image file targeting the InternalOpenColorProfile function in mscms.dll; inspect image files processed by MSCMS/ICM for anomalous ICC profile data.
- The exploit abuses the EMR_SETICMPROFILEA record in EMF files to trigger the heap overflow; monitor for malformed EMF files containing oversized or malformed EMR_SETICMPROFILEA records.
- Exploitation causes Windows Explorer and Internet Explorer to crash; unexpected crashes of explorer.exe or iexplore.exe may indicate exploitation attempts.
- PoC was tested specifically against Windows XP Professional SP2 with the listed mscms.dll and gdi32.dll versions; exploit reliability against other affected platforms (Windows 2000 SP4, XP SP3, Server 2003 SP1/SP2) may vary.
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=742
- http://marc.info/?l=bugtraq&m=121915960406986&w=2
- http://secunia.com/advisories/31385
- http://www.kb.cert.org/vuls/id/309739
- http://www.securityfocus.com/bid/30594
- http://www.securitytracker.com/id?1020675
- http://www.us-cert.gov/cas/techalerts/TA08-225A.html
- http://www.vupen.com/english/advisories/2008/2350
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-046
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5923
- https://www.exploit-db.com/exploits/6732