Vendor: GDI+
By: kad
CVSS: 5.5 (MEDIUM)
Title: Integer division by zero flaw handling .ICO files
CWE: 369
Product Name: GDI+
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: CVE-2007-2237
CPE:
Other Scripts:
Platforms Tested:
2007

highsecu.ico – Microsoft GDI+ Integer division by zero flaw handling .ICO files

This exploit targets the Microsoft GDI+ library, specifically its handling of .ICO files. It involves an integer division by zero flaw, which can lead to a denial of service or potentially arbitrary code execution. The exploit is available at the provided link.

Mitigation:

To mitigate this vulnerability, it is recommended to apply the latest security patches provided by Microsoft. Additionally, users should exercise caution when opening or accessing .ICO files from untrusted sources.

Exploit-DB raw data:

####################################
# Author : kad                     #
# Mail   : kad[at]highsecu[dot]com #
# Site   : http://www.highsecu.com #
####################################

highsecu.ico - Microsoft GDI+ Integer division by zero flaw handling .ICO files
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/4044.zip (06072007-CVE-2007-2237.zip)

# milw0rm.com [2007-06-07]