cbcvebase.
CVE-2010-0028
published 2010-02-10

CVE-2010-0028: Integer overflow in Microsoft Paint in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted…

PriorityP273critical9.3CVSS 2.0
AVNACMAuNCCICAC
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
48.45%
98.7th percentile
Integer overflow in Microsoft Paint in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted JPEG (.JPG) file, aka "MS Paint Integer Overflow Vulnerability."

Detection & IOCsextracted from sources · hover to see the quote

bytes
93 CE 93 CE
  • Detect crafted JPEG files with an oversized image dimension field (37838x37838, bytes 0x93CE 0x93CE in the SOF0 marker width/height fields) targeting Microsoft Paint integer overflow (MS10-005).
  • The malicious JPEG begins with a standard JFIF header (FF D8 FF E0) followed by an Exif segment (FF E1 ... 45 78 69 66) and a crafted DQT/SOF0 sequence; inspect JPEG files opened in mspaint.exe for anomalously large SOF0 dimension values causing integer overflow.
  • Monitor mspaint.exe (version 5.1.2600.2180) for crashes or abnormal memory allocation when opening JPEG files, as the PoC targets this specific version on Windows XP SP2/SP3.

CVSS provenance

nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vulncheck9.3CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.