MS.Windows.GDI.PNG.Heap.Overflow

Description

This indicates an attempt to exploit a code-execution vulnerability in Microsoft Windows.
The vulnerability is caused by an error that occurs when Windows GDI+ handles a malformed PNG image file. A remote attacker could exploit this vulnerability to execute arbitrary code by sending a specially crafted PNG file.

Affected Products

Microsoft Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 and Windows XP Service Pack 3
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 3
2007 Microsoft Office System Service Pack 1
2007 Microsoft Office System Service Pack 2
Microsoft Office Project 2002 Service Pack 1
Microsoft Visio 2002 Service Pack 2
Microsoft Office Word Viewer, Microsoft Word Viewer 2003, Microsoft Word Viewer 2003 Service Pack 3, Microsoft Office Excel Viewer 2003, Microsoft Office Excel Viewer 2003 Service Pack 3
Microsoft Office Excel Viewer, Microsoft Office PowerPoint Viewer 2007, Microsoft Office PowerPoint Viewer 2007 Service Pack 1
Microsoft Office PowerPoint Viewer 2007 Service Pack 2
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
Microsoft Expression Web and Microsoft Expression Web 2
Microsoft Office Groove 2007 and Microsoft Office Groove 2007 Service Pack 1
Microsoft Works 8.5
SQL Server 2000 Reporting Services Service Pack 2
SQL Server 2005 Service Pack 2
SQL Server 2005 x64 Edition Service Pack 2
SQL Server 2005 for Itanium-based Systems Service Pack 2
SQL Server 2005 Service Pack 3
SQL Server 2005 x64 Edition Service Pack 3
SQL Server 2005 for Itanium-based Systems Service Pack 3
Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package
Microsoft Report Viewer 2008 Redistributable Package
Microsoft Report Viewer 2008 Redistributable Package Service Pack 1
Microsoft Forefront Client Security 1.0 when installed on Microsoft Windows 2000 Service Pack 4

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for the suggested workaround:
http://www.microsoft.com/technet/security/Bulletin/ms09-062.mspx

Coverage

IPS (Regular DB)
IPS (Extended DB)