CVE-2009-1511

Microsoft Windows XP - Resource Management Error

Title source: rule

Description

GDI+ in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (infinite loop) via a PNG file that contains a certain large btChunkLen value.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Code Audit Labs · perldoswindows

https://www.exploit-db.com/exploits/8466

View Code ZIP pw:eip

References (2)

[Exploit] http://www.securityfocus.com/bid/34586

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/8466

Scores

EPSS 0.1287

EPSS Percentile 94.1%

Details

CWE

CWE-399

Status published

Products (1)

microsoft/windows_xp

Published May 01, 2009

Tracked Since Feb 18, 2026