Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)
This update resolves a newly-discovered, privately reported vulnerability. A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. The vulnerability is documented in this bulletin in its own section.
If a user is logged on with administrator privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
Disclaimer: This webpage is intended to provide you information about patch announcements for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors' websites. You can get more information by clicking the links to visit the relevant pages on the vendors' websites. Desktop Central is NOT endorsed by the vendors of the software products.