← back
CVE-2008-4327

CVE-2008-4327

EPSS 15.7%
gdiplus.dll in GDI+ in Microsoft Windows XP SP3 does not properly handle crafted .ico files, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a certain crash.ico file on a web site, and allows user-assisted attackers to cause a denial of service (divide-by-zero error and persistent application crash) via this crash.ico file on the desktop, a different vulnerability than CVE-2007-2237.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/6588unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/45464https://www.exploit-db.com/exploits/6588http://www.securityfocus.com/bid/31432