CVE-2004-0200 (CNNVD-200409-064)
CRITICAL
有利用代码
中文标题:
Microsoft Windows GDI+ JPG解析组件缓冲区溢出漏洞(MS04-028)
英文标题:
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI...
CVSS分数:
9.3
发布时间:
2004-09-17 04:00:00
漏洞类型:
授权问题
状态:
PUBLISHED
数据质量分数:
0.30
数据版本:
v9
漏洞描述
中文描述:
Microsoft Windows图形设备接口(GDI+)是为用户提供在屏幕和打印机上显示信息的API。GDI+也能处理JPEG图象文件。 GDI+ (Gdiplus.dll)在处理畸形JPEG文件时存在缓冲区溢出,远程攻击者可以利用这个漏洞构建恶意JPEG文件,以用户进程权限在系统上执行任意指令。 Microsoft报告Windows XP、Windows XP Service Pack 1和Windows Server 2003操作系统下的组件存在此问题,由于兼容性问题,部分第三方应用程序安装了这些受影响的组件,包括Office XP, Visio 2002、Project 2002、Office 2003、Visio 2003和Project 2003。如果这些应用程序安装在系统上,并且使用Windows XP、Windows XP Service Pack 1或Windows Server 2003操作系统,用户必须安装此补丁。 必须注意的是第三方的应用程序,只要安装受此漏洞影响的组件,任何应用程序使用Gdiplus.dll处理JPEG图象,就会受到此漏洞攻击。 远程攻击者可以通过构建特殊的JPEG文件,通过WEB连接,EMAIL附件等形式,诱使用户处理,来触发此漏洞。
英文描述:
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
CWE类型:
(暂无数据)
标签:
remote
windows
FoToZ
OSVDB-9951
dos
perplexy
MS04-028
Elia Florio
ATmaCA
John Bissell
M4Z3R
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| microsoft | .net_framework | 1.0 | - | - |
cpe:2.3:a:microsoft:.net_framework:1.0:sp2:sdk:*:*:*:*:*
|
| microsoft | digital_image_pro | 7.0 | - | - |
cpe:2.3:a:microsoft:digital_image_pro:7.0:*:*:*:*:*:*:*
|
| microsoft | digital_image_pro | 9 | - | - |
cpe:2.3:a:microsoft:digital_image_pro:9:*:*:*:*:*:*:*
|
| microsoft | digital_image_suite | 9 | - | - |
cpe:2.3:a:microsoft:digital_image_suite:9:*:*:*:*:*:*:*
|
| microsoft | excel | 2002 | - | - |
cpe:2.3:a:microsoft:excel:2002:*:*:*:*:*:*:*
|
| microsoft | excel | 2003 | - | - |
cpe:2.3:a:microsoft:excel:2003:*:*:*:*:*:*:*
|
| microsoft | frontpage | 2002 | - | - |
cpe:2.3:a:microsoft:frontpage:2002:*:*:*:*:*:*:*
|
| microsoft | frontpage | 2003 | - | - |
cpe:2.3:a:microsoft:frontpage:2003:*:*:*:*:*:*:*
|
| microsoft | greetings | 2002 | - | - |
cpe:2.3:a:microsoft:greetings:2002:*:*:*:*:*:*:*
|
| microsoft | infopath | 2003 | - | - |
cpe:2.3:a:microsoft:infopath:2003:*:*:*:*:*:*:*
|
| microsoft | office | 2003 | - | - |
cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*
|
| microsoft | office | xp | - | - |
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
|
| microsoft | onenote | 2003 | - | - |
cpe:2.3:a:microsoft:onenote:2003:*:*:*:*:*:*:*
|
| microsoft | outlook | 2002 | - | - |
cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*
|
| microsoft | outlook | 2003 | - | - |
cpe:2.3:a:microsoft:outlook:2003:*:*:*:*:*:*:*
|
| microsoft | picture_it | 7.0 | - | - |
cpe:2.3:a:microsoft:picture_it:7.0:*:*:*:*:*:*:*
|
| microsoft | picture_it | 9 | - | - |
cpe:2.3:a:microsoft:picture_it:9:*:*:*:*:*:*:*
|
| microsoft | picture_it | 2002 | - | - |
cpe:2.3:a:microsoft:picture_it:2002:*:*:*:*:*:*:*
|
| microsoft | powerpoint | 2002 | - | - |
cpe:2.3:a:microsoft:powerpoint:2002:*:*:*:*:*:*:*
|
| microsoft | powerpoint | 2003 | - | - |
cpe:2.3:a:microsoft:powerpoint:2003:*:*:*:*:*:*:*
|
| microsoft | producer | * | - | - |
cpe:2.3:a:microsoft:producer:*:gold:office_powerpoints:*:*:*:*:*
|
| microsoft | project | 2002 | - | - |
cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*
|
| microsoft | project | 2003 | - | - |
cpe:2.3:a:microsoft:project:2003:*:*:*:*:*:*:*
|
| microsoft | publisher | 2002 | - | - |
cpe:2.3:a:microsoft:publisher:2002:*:*:*:*:*:*:*
|
| microsoft | publisher | 2003 | - | - |
cpe:2.3:a:microsoft:publisher:2003:*:*:*:*:*:*:*
|
| microsoft | visio | 2002 | - | - |
cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*
|
| microsoft | visio | 2003 | - | - |
cpe:2.3:a:microsoft:visio:2003:*:*:*:*:*:*:*
|
| microsoft | visual_basic | 2002 | - | - |
cpe:2.3:a:microsoft:visual_basic:2002:*:.net_standard:*:*:*:*:*
|
| microsoft | visual_basic | 2003 | - | - |
cpe:2.3:a:microsoft:visual_basic:2003:*:.net_standard:*:*:*:*:*
|
| microsoft | visual_c\# | 2002 | - | - |
cpe:2.3:a:microsoft:visual_c\#:2002:*:.net_standard:*:*:*:*:*
|
| microsoft | visual_c\# | 2003 | - | - |
cpe:2.3:a:microsoft:visual_c\#:2003:*:.net_standard:*:*:*:*:*
|
| microsoft | visual_c\+\+ | 2002 | - | - |
cpe:2.3:a:microsoft:visual_c\+\+:2002:*:.net_standard:*:*:*:*:*
|
| microsoft | visual_c\+\+ | 2003 | - | - |
cpe:2.3:a:microsoft:visual_c\+\+:2003:*:.net_standard:*:*:*:*:*
|
| microsoft | visual_j\#_.net | 2003 | - | - |
cpe:2.3:a:microsoft:visual_j\#_.net:2003:*:.net_standard:*:*:*:*:*
|
| microsoft | visual_studio_.net | 2002 | - | - |
cpe:2.3:a:microsoft:visual_studio_.net:2002:gold:*:*:*:*:*:*
|
| microsoft | visual_studio_.net | 2003 | - | - |
cpe:2.3:a:microsoft:visual_studio_.net:2003:gold:*:*:*:*:*:*
|
| microsoft | word | 2002 | - | - |
cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*
|
| microsoft | word | 2003 | - | - |
cpe:2.3:a:microsoft:word:2003:*:*:*:*:*:*:*
|
| microsoft | windows_2003_server | r2 | - | - |
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
|
| microsoft | windows_xp | * | - | - |
cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
|
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
oval:org.mitre.oval:def:3038
vdb-entry
cve.org
访问
cve.org
oval:org.mitre.oval:def:1105
vdb-entry
cve.org
访问
cve.org
VU#297462
third-party-advisory
cve.org
访问
cve.org
TA04-260A
third-party-advisory
cve.org
访问
cve.org
oval:org.mitre.oval:def:3320
vdb-entry
cve.org
访问
cve.org
oval:org.mitre.oval:def:2706
vdb-entry
cve.org
访问
cve.org
20040914 Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow
mailing-list
cve.org
访问
cve.org
oval:org.mitre.oval:def:1721
vdb-entry
cve.org
访问
cve.org
oval:org.mitre.oval:def:3082
vdb-entry
cve.org
访问
cve.org
MS04-028
vendor-advisory
cve.org
访问
cve.org
oval:org.mitre.oval:def:4003
vdb-entry
cve.org
访问
cve.org
oval:org.mitre.oval:def:3810
vdb-entry
cve.org
访问
cve.org
oval:org.mitre.oval:def:4216
vdb-entry
cve.org
访问
cve.org
oval:org.mitre.oval:def:4307
vdb-entry
cve.org
访问
cve.org
oval:org.mitre.oval:def:3881
vdb-entry
cve.org
访问
cve.org
win-jpeg-bo(16304)
vdb-entry
cve.org
访问
cve.org
ExploitDB EDB-472
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-472
EXPLOIT
exploitdb
访问
exploitdb
CVE Reference: CVE-2004-0200
ADVISORY
cve.org
访问
cve.org
ExploitDB EDB-474
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-474
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-475
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-475
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-478
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-478
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-480
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-480
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-556
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-556
EXPLOIT
exploitdb
访问
exploitdb
CVSS评分详情
9.3
CRITICAL
CVSS向量:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS版本:
2.0
机密性
COMPLETE
完整性
COMPLETE
可用性
COMPLETE
时间信息
发布时间:
2004-09-17 04:00:00
修改时间:
2024-08-08 00:10:03
创建时间:
2025-11-11 15:32:20
更新时间:
2025-11-11 17:02:52
利用信息
此漏洞有可利用代码!
利用代码数量:
6
利用来源:
未知
未知
未知
未知
未知
未知
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2004-0200 |
2025-11-11 15:17:28 | 2025-11-11 07:32:20 |
| NVD | nvd_CVE-2004-0200 |
2025-11-11 14:50:55 | 2025-11-11 07:41:07 |
| CNNVD | cnnvd_CNNVD-200409-064 |
2025-11-11 15:08:44 | 2025-11-11 07:48:54 |
| EXPLOITDB | exploitdb_EDB-472 |
2025-11-11 15:05:57 | 2025-11-11 08:51:53 |
| EXPLOITDB | exploitdb_EDB-474 |
2025-11-11 15:05:50 | 2025-11-11 08:52:11 |
| EXPLOITDB | exploitdb_EDB-475 |
2025-11-11 15:05:57 | 2025-11-11 08:52:22 |
| EXPLOITDB | exploitdb_EDB-478 |
2025-11-11 15:05:57 | 2025-11-11 08:53:01 |
| EXPLOITDB | exploitdb_EDB-480 |
2025-11-11 15:05:57 | 2025-11-11 08:53:31 |
| EXPLOITDB | exploitdb_EDB-556 |
2025-11-11 15:05:57 | 2025-11-11 09:02:52 |
版本与语言
当前版本:
v9
主要语言:
EN
支持语言:
EN
ZH
其他标识符:
:
:
:
:
:
:
:
:
:
:
:
:
安全公告
暂无安全公告信息
变更历史
v9
EXPLOITDB
2025-11-11 17:02:52
references_count: 27 → 29; tags_count: 10 → 11
查看详细变更
- references_count: 27 -> 29
- tags_count: 10 -> 11
v8
EXPLOITDB
2025-11-11 16:53:31
references_count: 25 → 27; tags_count: 9 → 10
查看详细变更
- references_count: 25 -> 27
- tags_count: 9 -> 10
v7
EXPLOITDB
2025-11-11 16:53:01
references_count: 23 → 25; tags_count: 8 → 9
查看详细变更
- references_count: 23 -> 25
- tags_count: 8 -> 9
v6
EXPLOITDB
2025-11-11 16:52:22
references_count: 21 → 23; tags_count: 7 → 8
查看详细变更
- references_count: 21 -> 23
- tags_count: 7 -> 8
v5
EXPLOITDB
2025-11-11 16:52:11
references_count: 19 → 21; tags_count: 4 → 7
查看详细变更
- references_count: 19 -> 21
- tags_count: 4 -> 7
v4
EXPLOITDB
2025-11-11 16:51:53
references_count: 16 → 19; tags_count: 0 → 4; data_sources: ['cnnvd', 'cve', 'nvd'] → ['cnnvd', 'cve', 'exploitdb', 'nvd']
查看详细变更
- references_count: 16 -> 19
- tags_count: 0 -> 4
- data_sources: ['cnnvd', 'cve', 'nvd'] -> ['cnnvd', 'cve', 'exploitdb', 'nvd']
v3
CNNVD
2025-11-11 15:48:54
vulnerability_type: 未提取 → 授权问题; cnnvd_id: 未提取 → CNNVD-200409-064; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
- vulnerability_type: 未提取 -> 授权问题
- cnnvd_id: 未提取 -> CNNVD-200409-064
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2
NVD
2025-11-11 15:41:07
severity: SeverityLevel.MEDIUM → SeverityLevel.CRITICAL; cvss_score: 未提取 → 9.3; cvss_vector: NOT_EXTRACTED → AV:N/AC:M/Au:N/C:C/I:C/A:C; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 40; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
- severity: SeverityLevel.MEDIUM -> SeverityLevel.CRITICAL
- cvss_score: 未提取 -> 9.3
- cvss_vector: NOT_EXTRACTED -> AV:N/AC:M/Au:N/C:C/I:C/A:C
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 0 -> 40
- data_sources: ['cve'] -> ['cve', 'nvd']