CVE-2008-1087: Buffer Overflow
First published: Tue Apr 08 2008(Updated: )
Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflow Vulnerability."
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows XP | ||
| Microsoft Windows 2003 Server | =sp2 | |
| Microsoft Windows XP | =sp2 | |
| Microsoft Windows XP | =sp2 | |
| Microsoft Windows 2000 | =sp4 | |
| Microsoft Windows NT | =2008 | |
| Microsoft Windows NT | =2008 | |
| Microsoft Windows Vista | ||
| Microsoft Windows NT | =2008 | |
| Microsoft Windows 2003 Server | =sp1 | |
| Microsoft Windows 2003 Server | =sp1 | |
| Microsoft Windows 2003 Server | =sp2 | |
| Microsoft Windows 2003 Server | ||
| Microsoft Windows 2003 Server | =sp2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/28570
- http://www.securitytracker.com/id?1019798
- http://secunia.com/advisories/29704
- http://www.us-cert.gov/cas/techalerts/TA08-099A.html
- http://www.osvdb.org/44215
- http://www.vupen.com/english/advisories/2008/1145/references
- http://marc.info/?l=bugtraq&m=120845064910729&w=2
- https://www.exploit-db.com/exploits/6656
- https://www.exploit-db.com/exploits/5442
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5580
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-021
Frequently Asked Questions
What is the severity of CVE-2008-1087?
CVE-2008-1087 has a high severity rating due to the potential for remote code execution.
How do I fix CVE-2008-1087?
To fix CVE-2008-1087, apply security updates or patches provided by Microsoft for the affected Windows versions.
Which versions of Windows are affected by CVE-2008-1087?
CVE-2008-1087 affects Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008.
What kind of attack does CVE-2008-1087 allow?
CVE-2008-1087 allows attackers to execute arbitrary code remotely by exploiting a stack-based buffer overflow.
Is there any workaround for CVE-2008-1087 if I cannot apply the fix?
While there is no official workaround for CVE-2008-1087, avoiding opening untrusted EMF image files can help mitigate the risk.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft windows xp
- canonical/microsoft windows 2003 server
- version/microsoft windows 2003 server/sp2
- version/microsoft windows xp/sp2
- canonical/microsoft windows 2000
- version/microsoft windows 2000/sp4
- canonical/microsoft windows nt
- version/microsoft windows nt/2008
- canonical/microsoft windows vista
- version/microsoft windows 2003 server/sp1