Microsoft GDI+ TIFF File Processing 'BitsPerSample' Tag Remote Code Execution Vulnerability

Bugtraq ID: 36646
Class: Boundary Condition Error
CVE: CVE-2009-2502
Remote: Yes
Local: No
Published: Oct 13 2009 12:00AM
Updated: Apr 19 2013 12:59PM
Credit: Wushi of VeriSign iDefense Labs
Vulnerable: Nortel Networks Symposium Agent
Nortel Networks Self-Service WVADS 0
Nortel Networks Self-Service Speech Server 0
Nortel Networks Self-Service Peri Workstation 0
Nortel Networks Self-Service Peri Application 0
Nortel Networks Self-Service MPS 500 0
Nortel Networks Self-Service MPS 1000 0
Nortel Networks Self-Service MPS 100 0
Nortel Networks Self-Service Media Processing Server 0
Nortel Networks Self-Service CCXML 0
Nortel Networks Self-Service - CCSS7 0
Nortel Networks Self Service VoiceXML 0
Nortel Networks Multimedia Comm Mas 0
Nortel Networks Media Processing Svr 500 Rel 3.0
Nortel Networks Media Processing Svr 1000 Rel 3.0
Nortel Networks Contact Center NCC 0
Nortel Networks Contact Center Express
Nortel Networks Contact Center Administration CCMA 7.0
Nortel Networks Contact Center Administration CCMA 6.0
Nortel Networks Contact Center - TAPI Server 0
Nortel Networks CallPilot 703t
Nortel Networks CallPilot 702t
Nortel Networks CallPilot 201i
Nortel Networks CallPilot 200i
Nortel Networks CallPilot 1002rp
Microsoft Works 8.5
Microsoft Word Viewer 2003 SP3
Microsoft Word Viewer 2003 0
Microsoft Word Viewer 0
Microsoft Windows XP Tablet PC Edition SP3
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Windows XP Tablet PC Edition SP1
Microsoft Windows XP Tablet PC Edition
Microsoft Windows XP Professional SP3
Microsoft Windows XP Professional SP2
Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional
Microsoft Windows XP Media Center Edition SP3
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Media Center Edition SP1
Microsoft Windows XP Media Center Edition
Microsoft Windows XP Home SP3
Microsoft Windows XP Home SP2
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows XP Gold 0
Microsoft Windows XP Embedded SP3
Microsoft Windows XP Embedded SP2
Microsoft Windows XP Embedded SP1
Microsoft Windows XP Embedded
Microsoft Windows XP 0
Microsoft Visual Studio 2008 SP1
Microsoft Visual Studio 2008 0
Microsoft Visual Studio 2005 Team Edition for Testers 0
Microsoft Visual Studio 2005 Team Edition for Developers 0
Microsoft Visual Studio 2005 Team Edition for Architects 0
Microsoft Visual Studio 2005 Team Edition 0
Microsoft Visual Studio 2005 Standard Edition 0
Microsoft Visual Studio 2005 Professional Edition 0
Microsoft Visual Studio 2005 SP1
Microsoft Visual Studio 2005
Microsoft Visual Studio .NET 2003 SP1
Microsoft Visual Studio .NET 2003
+ Microsoft Visual Basic .NET Standard 2003
+ Microsoft Visual C# .NET Standard 2003
+ Microsoft Visual C++ .NET Standard 2003
+ Microsoft Visual J# .NET Standard 2003
Microsoft Visual FoxPro 9.0 SP2
Microsoft Visual FoxPro 9.0 SP1
Microsoft Visual FoxPro 8.0 SP1
Microsoft Visual FoxPro 8.0
Microsoft Visio Viewer 2007 SP2
Microsoft Visio 2002 Professional SP2
Microsoft Visio 2002 SP2
Microsoft Visio 2002 SP1
Microsoft Visio 2002
Microsoft SQL Server 2005 x64 Edition SP3
Microsoft SQL Server 2005 x64 Edition SP2
Microsoft SQL Server 2005 x64 Edition SP1
Microsoft SQL Server 2005 Itanium Edition SP3
Microsoft SQL Server 2005 Itanium Edition SP2
Microsoft SQL Server 2005 Itanium Edition SP1
Microsoft SQL Server 2005 Itanium Edition 0
Microsoft SQL Server 2005 Express Edition SP2
Microsoft SQL Server 2005 Express Edition SP1
Microsoft SQL Server 2005 Express Edition 0
Microsoft SQL Server 2005 SP3
Microsoft SQL Server 2005 SP2
Microsoft SQL Server 2005 SP1
Microsoft SQL Server 2005 0
Microsoft SQL Server 2000 Reporting Services SP2
Microsoft Report Viewer 2008 SP1
Microsoft Report Viewer 2008 0
Microsoft Report Viewer 2005 SP1
Microsoft Project 2002 SP1
Microsoft Project 2002 0
Microsoft Project 2002
Microsoft PowerPoint Viewer 2007 SP2
Microsoft PowerPoint Viewer 2007 SP1
Microsoft PowerPoint Viewer 2007 0
Microsoft Platform SDK Redistributable: GDI+
Microsoft Office XP SP3
+ Microsoft Excel 2002 SP3
+ Microsoft Excel 2002 SP3
+ Microsoft FrontPage 2002 SP3
+ Microsoft FrontPage 2002 SP3
+ Microsoft Outlook 2002 SP3
+ Microsoft Outlook 2002 SP3
+ Microsoft PowerPoint 2002 SP3
+ Microsoft PowerPoint 2002 SP3
+ Microsoft Publisher 2002 SP3
+ Microsoft Publisher 2002 SP3
Microsoft Office XP SP2
Microsoft Office XP SP1
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
Microsoft Office XP
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
Microsoft Office Compatibility Pack 2007 SP2
Microsoft Office Compatibility Pack 2007 SP1
Microsoft Office Compatibility Pack 2007 0
Microsoft Office 2007 SP2
Microsoft Office 2007 SP1
Microsoft Office 2007 0
Microsoft Office 2003 SP3
Microsoft Office 2003 SP2
Microsoft Office 2003 SP1
Microsoft Office 2003 0
+ Microsoft Excel 2003
+ Microsoft FrontPage 2003
+ Microsoft InfoPath 2003
+ Microsoft OneNote 2003 0
+ Microsoft Outlook 2003 0
+ Microsoft PowerPoint 2003 0
+ Microsoft Publisher 2003
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Terminal Services SP2
- Microsoft Windows 2000 Terminal Services SP2
- Microsoft Windows 2000 Terminal Services SP2
- Microsoft Windows 2000 Terminal Services SP1
- Microsoft Windows 2000 Terminal Services SP1
- Microsoft Windows 2000 Terminal Services SP1
- Microsoft Windows 2000 Terminal Services
- Microsoft Windows 2000 Terminal Services
- Microsoft Windows 2000 Terminal Services
- Microsoft Windows 98
- Microsoft Windows 98
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows 98SE
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows ME
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT Enterprise Server 4.0 SP6a
- Microsoft Windows NT Enterprise Server 4.0 SP6a
- Microsoft Windows NT Enterprise Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Terminal Server 4.0 SP6a
- Microsoft Windows NT Terminal Server 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6a
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows XP Home
+ Microsoft Windows XP Home
+ Microsoft Windows XP Home
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional
Microsoft Groove 2007 SP1
Microsoft Groove 2007 0
Microsoft Forefront Client Security 1.0
Microsoft Expression Web 2
Microsoft Expression Web 0
Microsoft Excel Viewer 2003 SP3
Microsoft Excel Viewer 2003 0
Microsoft Excel Viewer 0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus