RCE in Microsoft Windows_embedded_compact

CVE-2008-2160

Multiple unspecified vulnerabilities in the JPEG (GDI+) and GIF image processing in Microsoft Windows CE 5.0 allow remote attackers to execute arbitrary code via crafted (1) JPEG and (2) GIF images.

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.180 (96.8th percentile) — read the EPSS interpretation.

Affected products

Microsoft Windows_embedded_compact — versions 5.0
N/a — versions n/a

Weakness classification (CWE)

CWE-94 — Code Injection

References

cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (vendor-advisory, x_refsource_MSKB)
cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
cve@mitre.org (vdb-entry, x_refsource_XF)