Intrusion Prevention

MS.Windows.GDI.ICO.File.DoS

Description

This indicates an attempt to exploit a denial of service vulnerability in the Microsoft Windows Graphics Device Interface.
Microsoft Windows Graphics Device Interface allows context dependent attackers to cause a denial of service via an ICO file with an InfoHeader containing a height of zero, which triggers a divide-by-zero error.

Affected Products

Microsoft Windows XP Tablet PC Edition SP2
Microsoft Windows XP Tablet PC Edition SP1
Microsoft Windows XP Tablet PC Edition
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional SP2
Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Media Center Edition SP1
Microsoft Windows XP Media Center Edition
Microsoft Windows XP Home SP2
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows XP Gold
Microsoft Windows XP 64-bit Edition Version 2003 SP1
Microsoft Windows XP 64-bit Edition Version 2003
Microsoft Windows XP 64-bit Edition SP1
Microsoft Windows XP 64-bit Edition
Microsoft Windows XP

Impact

Denial of Service.

Recommended Actions

Currently we are not aware of any offically released patch.

CVE References

CVE-2007-2237