Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.Description
This signature detects attempts exploit a vulnerability in Kodak Image Viewer when viewing a malicious TIFF file which could result in remote code execution.Additional Information
This critical security update resolves a privately reported vulnerability. A remote code execution vulnerability exists in the way that the Kodak Image Viewer, formerly know as Wang Image Viewer, handles specifically crafted images files. This vulnerability could allow an attacker remotely execute code on the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.This vulnerability exists only on Windows 2000 systems, however supported editions of Windows XP and Windows 2003 may also be affected if upgraded from Windows 2000. This is a critical security update for Windows 2000 Service Pack 4, Windows XP Service Pack 2 and, for supported versions and editions of Windows Server 2003.
Affected
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Windows Server 2003 Service Pack 1
- Windows Server 2003 Service Pack 2