Microsoft Windows GDI 'EMR_COLORMATCHTOTARGETW' Stack Overflow Vulnerability

Proof-of-concept code for Immunity CANVAS is available for one of the vulnerabilities discussed in MS08-021. It is not clear at this time if this code is for this issue or for the one discussed in BID 28571 (Microsoft Windows GDI 'CreateDIBPatternBrushPt' Function Heap Overflow Vulnerability).

We will update this BID as more information emerges. The proof-of-concept code is available for members of the Immunity Partners Program:

https://www.immunityinc.com/downloads/immpartners/ms08_021.tar.gz

NOTE: Further investigation reveals that attackers are actively attempting to exploit this vulnerability in the wild.

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

The following exploits are available:


 

Privacy Statement
Copyright 2010, SecurityFocus