DiamondCS JpegScan

From: Rod S (rsoto_at_tpg.com.au)
Date: 10/24/04

Date: Sun, 24 Oct 2004 10:19:31 -0700

Program to scan for Jpeg exploit....


What is the MS04-028 JPEG exploit?
On September 14 2004, Nick DeBaggis discovered a buffer overrun
vulnerability in gdiplus.dll - a library used by many common applications
(including most Microsoft applications) for viewing JPEG images. Subsequent
analysis by the eEye team confirmed that the vulnerability could be
exploited to execute arbitrary code, allowing an attacker to gain control of
a remote system simply by enticing the victim to look at a specially-crafted
JPEG image. MS04-028 is the tracking code assigned by Microsoft to this
specific vulnerability.

Relevant Pages