Intrusion Prevention

MS.Windows.GDI.PNG.Heap.Overflow

Description

This indicates an attempt to exploit a code-execution vulnerability in Microsoft Windows.
The vulnerability is caused by an error that occurs when Windows GDI+ handles a malformed PNG image file. A remote attacker could exploit this vulnerability to execute arbitrary code by sending a specially crafted PNG file.

Affected Products

Microsoft Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 and Windows XP Service Pack 3
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 3
2007 Microsoft Office System Service Pack 1
2007 Microsoft Office System Service Pack 2
Microsoft Office Project 2002 Service Pack 1
Microsoft Visio 2002 Service Pack 2
Microsoft Office Word Viewer, Microsoft Word Viewer 2003, Microsoft Word Viewer 2003 Service Pack 3, Microsoft Office Excel Viewer 2003, Microsoft Office Excel Viewer 2003 Service Pack 3
Microsoft Office Excel Viewer, Microsoft Office PowerPoint Viewer 2007, Microsoft Office PowerPoint Viewer 2007 Service Pack 1
Microsoft Office PowerPoint Viewer 2007 Service Pack 2
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
Microsoft Expression Web and Microsoft Expression Web 2
Microsoft Office Groove 2007 and Microsoft Office Groove 2007 Service Pack 1
Microsoft Works 8.5
SQL Server 2000 Reporting Services Service Pack 2
SQL Server 2005 Service Pack 2
SQL Server 2005 x64 Edition Service Pack 2
SQL Server 2005 for Itanium-based Systems Service Pack 2
SQL Server 2005 Service Pack 3
SQL Server 2005 x64 Edition Service Pack 3
SQL Server 2005 for Itanium-based Systems Service Pack 3
Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package
Microsoft Report Viewer 2008 Redistributable Package
Microsoft Report Viewer 2008 Redistributable Package Service Pack 1
Microsoft Forefront Client Security 1.0 when installed on Microsoft Windows 2000 Service Pack 4

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for the suggested workaround:
http://www.microsoft.com/technet/security/Bulletin/ms09-062.mspx

CVE References

CVE-2009-2501