CVE-2008-1083

HIGH

Microsoft Windows - Buffer Overflow

Title source: llm

Description

Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed header that triggers an integer overflow, aka "GDI Heap Overflow Vulnerability."

Exploits (3)

exploitdb WORKING POC VERIFIED

by Ac!dDrop · textdoswindows

https://www.exploit-db.com/exploits/6330

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Lamhtz · c++localwindows

https://www.exploit-db.com/exploits/5442

View Code ZIP pw:eip

exploitdb WORKING POC

remotewindows

https://www.exploit-db.com/exploits/6656

View Code ZIP pw:eip

References (20)

[Broken Link] http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0168.html

[Third Party Advisory] http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=681

[Mailing List] http://marc.info/?l=bugtraq&m=120845064910729&w=2

[Patch, Vendor Advisory] http://secunia.com/advisories/29704

[Vendor Advisory] http://support.microsoft.com/kb/948590

[US Government Resource] http://www.kb.cert.org/vuls/id/632963

[Broken Link] http://www.osvdb.org/44213

[Broken Link] http://www.osvdb.org/44214

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/28571

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/30933

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1019798

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA08-099A.html

[Broken Link] http://www.vupen.com/english/advisories/2008/1145/references

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-08-020/

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-021

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/41471

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5441

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/490584/100/0/threaded

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/5442

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6330

Scores

CVSS v3 8.1

EPSS 0.5222

EPSS Percentile 97.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-119 CWE-190

Status published

Products (5)

microsoft/windows_2000

microsoft/windows_2003_server (6 CPE variants)

microsoft/windows_server_2008 (2 CPE variants)

microsoft/windows_vista (3 CPE variants)

microsoft/windows_xp

Published Apr 08, 2008

Tracked Since Feb 18, 2026