Microsoft DirectX RLE Compressed Targa Image File Heap Overflow Overflow Vulnerability

Microsoft DirectX RLE Compressed Targa Image File Heap Overflow Overflow Vulnerability

A heap-based buffer-overflow vulnerability occurs in the Microsoft Windows DirectX component. This issue is related to the processing of compressed Targa image files. The specific vulnerability occurs because of the way these files are opened.

A successful exploit will permit attackers to execute arbitrary code in the context of the user who opens a malicious RLE Targa image file.

An attacker can exploit this issue through any means that will allow the attacker to deliver a malicious Targa file to a victim user. In web-based attack scenarios, exploits could occur automatically if the malicious page can cause the file to be loaded automatically by Windows Media Player. Other attack vectors such as email or instant messaging may require the victim user to manually open the malicious Targa file.