Intrusion Prevention

MS.Windows.Kodak.Image.Viewer.TIFF.Stack.Buffer.Overflow

Description

This indicates a possible attempt to exploit a Buffer Overflow vulnerability in Windows Kodak Image Viewer.
The vulnerability is a result of the way that the Kodak Image Viewer handles image files. An attacker may be able to exploit this vulnerability by constructing a specially crafted image file that allows remote code execution. The exploit can be triggered when a user visits a web site and views a specially crafted image file, or opens an e-mail attachment.

Affected Products

Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2
Windows Server 2003 Service Pack 1
Windows Server 2003 Service Pack 2

Impact

System Compromise: Remote code execution.

Recommended Actions

Apply the patch, available from the following web site:
http://www.microsoft.com/technet/security/bulletin/ms07-055.mspx

CVE References

CVE-2007-2217