Vulnerability in N/a
CVE-2009-1217
Off-by-one error in the GpFont::SetData function in gdiplus.dll in Microsoft GDI+ on Windows XP allows remote attackers to cause a denial of service (stack corruption and application termination) via a crafted EMF file that triggers an int…
EPSS: 0.564 (98.2th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- blogs.technet.com/srd/archive/2009/03/26/new-emf-gdiplus-dll-crash-not-exploita… (x_refsource_CONFIRM)
- ADV-2009-0832 (vdb-entry, x_refsource_VUPEN)
- bl4cksecurity.blogspot.com/2009/03/microsoft-gdiplus-emf-gpfontsetdata.html (x_refsource_MISC)
- win-gdi-emfplusfont-dos(49438) (vdb-entry, x_refsource_XF)
- 34250 (vdb-entry, x_refsource_BID)