Microsoft Image Color Management System Heap Overflow Vulnerability

Overview

» IDS/IPS Signatures

Security Sites

iPolicy Networks Security Advisory


Date Discovered:	08/12/2008
Severity:	High
Operating Systems Affected:	Microsoft Windows 2000 SP4 Microsoft Windows XP SP2 Microsoft Windows XP SP3 Microsoft Windows XP Professional x64 Microsoft Windows XP Professional x64 SP2 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 x64 Microsoft Windows Server 2003 x64 SP2 Microsoft Windows Server 2003 SP1 for Itanium Microsoft Windows Server 2003 SP2 for Itanium

Synopsis

Microsoft Color Management System (MSCMS) module of the Microsoft ICM component is prone to heap overflow vulnerability. This vulnerability exists in the way that Microsoft Color Management System (MSCMS) module of the Microsoft ICM component handles memory allocation.

Recommended Actions

Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/bulletin/ms08-046.mspx

Threat Analysis

The vulnerability is caused by a heap overflow when the Microsoft Color Management System (MSCMS) module of the Microsoft ICM component improperly allocates memory for a specially crafted image file.

An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, view, change, delete data or create new accounts.

References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2245

Write-up by: Aditya Chaturvedi

Security Sites

“iPolicy is one of the most visionary firewall vendors in the firewall Magic Quadrant. Its architecture of a central session processing engine and multiple content blades that are able to block based on signatures, rules and so on is the closest to the network security ideal.”

Greg Young, John Pescatore
Magic Quadrant for Network Firewalls, 2H04, Gartner

| | | | | | | | |