Name:
MS.Windows.Kodak.Image.Viewer.TIFF.Buffer.Overflow
Released Date:
Oct 9 2007
Severity:
critical
CVE:
2007-2217
MS Bulletin:
ms07-055

FortiGuard Center > Vulnerability Encyclopedia


In-Depth Analysis

Description
This indicates a possible attempt to exploit a buffer overflow vulnerability in Windows Kodak Image Viewer.

A remote code execution vulnerability exists in the way that the Kodak Image Viewer handles image files. An attacker may be able to exploit this vulnerability by constructing a specially crafted image file that allows remote code execution. The exploit can be triggered when a user visits a web site and views a specially crafted image file, or opens an e-mail attachment.
 
Impact
System compromise: remote code execution.
 
Affected Products
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2
Windows Server 2003 Service Pack 1
Windows Server 2003 Service Pack 2
Aliases
MS.Windows.Kodak.image.Viewer.TIFF.Buffer.Overflow
References
http://www.microsoft.com/technet/security/Bulletin/ms07-055.mspx
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2007-2217
http://www.milw0rm.com/exploits/4616
Recommended Actions
Apply the patch, available from the following web site:
http://www.microsoft.com/technet/security/bulletin/ms07-055.mspx

 
 
SITE MAP  |  LEGAL NOTICES

      © 2003 FORTINET INC. ALL RIGHTS RESERVED