CVE-2008-2245

Windows 2000/XP/Server 2003 - Remote Code Execution via Crafted Image File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2245. PoCs published by Ac!dDrop.

AI-analyzed exploit summary This exploit targets a heap overflow vulnerability in EMR_SETICMPROFILEA, related to MS08-046, affecting mscms.dll and gdi32.dll. It causes a DoS in Windows Explorer and Internet Explorer and can potentially execute arbitrary code.

Description

Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Ac!dDrop · textdoswindows
https://www.exploit-db.com/exploits/6732

This exploit targets a heap overflow vulnerability in EMR_SETICMPROFILEA, related to MS08-046, affecting mscms.dll and gdi32.dll. It causes a DoS in Windows Explorer and Internet Explorer and can potentially execute arbitrary code.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Windows XP Professional SP2 (mscms.dll 5.1.2600.2709, gdi32.dll 5.1.2600.2818)
No auth needed
Prerequisites: Vulnerable Windows XP SP2 system with specific DLL versions
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11
Core References
Third Party Advisory third-party-advisory x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=742
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA08-225A.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5923
Mailing List vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=121915960406986&w=2
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31385
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1020675
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2350
Patch, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/309739
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/6732
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30594

Scores

EPSS 0.4614
EPSS Percentile 98.7%

Details

CWE
CWE-119
Status published
Products (3)
microsoft/windows_2000
microsoft/windows_2003_server (2 CPE variants)
microsoft/windows_xp (2 CPE variants)
Published Aug 13, 2008
Tracked Since Feb 18, 2026