HighProventia Network IPS, RealSecure Desktop Protector 3.6, RealSecure Server Sensor, RealSecure Network, BlackICE PC Protection, BlackICE Server Protection, BlackICE Agent for Server, Proventia Network IDS, Proventia Desktop, Proventia-G 1.1 and earlier, IBM Security Server Protection for Windows, Proventia Network MFS, Virtual Server Protection for Vmware, Proventia Server IPS for Linux technology:
This signature detects a specially crafted JPEG image that could cause an integer overflow in Internet Explorer or in Microsoft Paint. The threshold is adjustable via the pam.jfif.ie_size.threshold tuning parameter.
This signature detects a specially-crafted JPEG image that could cause an integer overflow in Internet Explorer. The threshold is adjustable via the pam.jfif.ie_size.threshold tuning parameter.
High
Proventia Network IPS: XPU 1.53, RealSecure Desktop Protector 3.6: eom, RealSecure Desktop: eom, RealSecure Server Sensor: XPU 24.14, RealSecure Network: XPU 24.14, BlackICE PC Protection: 3.6cpa, BlackICE Server Protection: 3.6.cpa, BlackICE Agent for Server: 3.6eom, Proventia Network IDS: XPU 24.14, Proventia Desktop: 8.0.615.3, Proventia-G 1.1 and earlier: XPU 24.14, IBM Security Server Protection for Windows: 1.0.914.0, IBM Security Server Protection for Windows: 2.1.14.2400, Proventia Network MFS: XPU 1.53, Virtual Server Protection for Vmware: 1.0, Proventia Server IPS for Linux technology: 1.0
Microsoft Internet Explorer: 6.0, Microsoft Internet Explorer: 5.5 SP2, Microsoft Internet Explorer: 6.0 SP1, Microsoft Windows XP: SP1, Microsoft Internet Explorer: 5.01 SP4, Microsoft Windows 2000: SP4, Microsoft Windows 2003 Server: x64, Microsoft Windows 2003 Server, Microsoft Windows XP: SP2, Microsoft Windows 2003 Server: Itanium, Microsoft Windows 2003 Server: SP1, Microsoft Windows XP: x64 Professional, Microsoft Windows 2003 Server: SP1 Itanium
Unauthorized Access Attempt
Microsoft Internet Explorer versions 5.01, 5.5 and 6 running on Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows 98, and Windows ME could allow a remote attacker to execute arbitrary code, caused by a vulnerability in the processing of JPEG images. A remote attacker can create a malicious JPEG image which, once the image is viewed, could allow the attacker to execute arbitrary code on the system with privileges of the victim. An attacker could exploit this vulnerability by sending the malicious image to a victim as an email or hosting it on a Web site and persuading the victim to view the image.
Apply the appropriate patch for your system, as listed in the latest Microsoft Security Bulletin. See References.
— OR —
Use Microsoft Automatic Update if it is supported by your operating system. The original bulletin issued by Microsoft has been superseded.
Microsoft Security Bulletin MS05-038
Cumulative Security Update for Internet Explorer (896727)
http://www.microsoft.com/technet/security/bulletin/ms05-038.mspx
US-CERT Vulnerability Note VU#965206
Microsoft Internet Explorer JPEG rendering library vulnerable to buffer overflow
http://www.kb.cert.org/vuls/id/965206
CIAC Information Bulletin P-265
Microsoft Cumulative Update for Internet Explorer
http://www.ciac.org/ciac/bulletins/p-265.shtml
Microsoft Security Bulletin MS05-052
Cumulative Security Update for Internet Explorer (896688)
http://www.microsoft.com/technet/security/Bulletin/MS05-052.mspx
Microsoft Security Bulletin MS05-054
Cumulative Security Update for Internet Explorer (905915)
http://www.microsoft.com/technet/security/Bulletin/MS05-054.mspx
Microsoft Security Bulletin MS06-004
Cumulative Security Update for Internet Explorer (910620)
http://www.microsoft.com/technet/security/Bulletin/MS06-004.mspx
Microsoft Security Bulletin MS06-013
Cumulative Security Update for Internet Explorer (912812)
http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
Microsoft Security Bulletin MS06-021
Cumulative Security Update for Internet Explorer (916281)
http://www.microsoft.com/technet/security/Bulletin/MS06-021.mspx
Microsoft Security Bulletin MS06-042
Cumulative Security Update for Internet Explorer (918899)
http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx
Microsoft Security Bulletin MS06-067
Cumulative Security Update for Internet Explorer (922760)
http://www.microsoft.com/technet/security/bulletin/ms06-067.mspx
Microsoft Security Bulletin MS06-072
Cumulative Security Update for Internet Explorer (925454)
http://www.microsoft.com/technet/security/Bulletin/MS06-072.mspx
Microsoft Security Bulletin MS07-016
Cumulative Security Update for Internet Explorer (928090)
http://www.microsoft.com/technet/security/Bulletin/ms07-016.mspx
Microsoft Security Bulletin MS07-027
Cumulative Security Update for Internet Explorer (931768)
http://www.microsoft.com/technet/security/bulletin/ms07-027.mspx
Microsoft Security Bulletin MS07-033
Cumulative Security Update for Internet Explorer (933566)
http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx
Microsoft Security Bulletin MS07-045
Cumulative Security Update for Internet Explorer (937143)
http://www.microsoft.com/technet/security/bulletin/ms07-045.mspx
Microsoft Security Bulletin MS07-057
Cumulative Security Update for Internet Explorer (939653)
http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx
Microsoft Security Bulletin MS07-069
Cumulative Security Update for Internet Explorer (942615)
http://www.microsoft.com/technet/security/bulletin/ms07-069.mspx
Microsoft Security Bulletin MS08-010
Cumulative Security Update for Internet Explorer (944533)
http://www.microsoft.com/technet/security/bulletin/ms08-010.mspx
Microsoft Security Bulletin MS08-024
Cumulative Security Update for Internet Explorer (947864)
http://www.microsoft.com/technet/security/bulletin/ms08-024.mspx
Microsoft Security Bulletin MS08-031
Cumulative Security Update for Internet Explorer (950759)
http://www.microsoft.com/technet/security/Bulletin/MS08-031.mspx
Microsoft Security Bulletin MS08-045
Cumulative Security Update for Internet Explorer (953838)
http://www.microsoft.com/technet/security/bulletin/ms08-045.mspx
Microsoft Security Bulletin MS08-058
Cumulative Security Update for Internet Explorer (956390)
http://www.microsoft.com/technet/security/bulletin/ms08-058.mspx
ISS X-Force
Microsoft Internet Explorer JPEG image buffer overflow
http://www.iss.net/security_center/static/21701.php
CVE
CVE-2005-2308
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2308