CVE-2004-0200

Microsoft .net Framework - Buffer Overflow

Title source: rule

Description

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.

Exploits (6)

exploitdb WORKING POC VERIFIED

by M4Z3R · cremotewindows

https://www.exploit-db.com/exploits/556

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by John Bissell · cremotewindows

https://www.exploit-db.com/exploits/480

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by ATmaCA · cremotewindows

https://www.exploit-db.com/exploits/478

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Elia Florio · bashremotewindows

https://www.exploit-db.com/exploits/475

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by FoToZ · cremotewindows

https://www.exploit-db.com/exploits/472

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by perplexy · bashdoswindows

https://www.exploit-db.com/exploits/474

View Code ZIP pw:eip

References (16)

[Mailing List] http://marc.info/?l=bugtraq&m=109524346729948&w=2

[US Government Resource] http://www.kb.cert.org/vuls/id/297462

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA04-260A.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/16304

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1105

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1721

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2706

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3038

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3082

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3320

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3810

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3881

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4003

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4216

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4307

Scores

EPSS 0.7669

EPSS Percentile 99.0%

Details

Status published

Products (40)

microsoft/digital_image_pro 7.0

microsoft/digital_image_pro 9

microsoft/digital_image_suite 9

microsoft/excel 2002

microsoft/excel 2003

microsoft/frontpage 2002

microsoft/frontpage 2003

microsoft/greetings 2002

microsoft/infopath 2003

microsoft/.net_framework 1.0 sp2

... and 30 more

Published Sep 28, 2004

Tracked Since Feb 18, 2026