CVE-2007-1215

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions 2000 SP4 through Vista

Description A local elevation of privilege issue exists due to the way the Graphics Device Interface (GDI) processes color-related parameters in crafted images, potentially allowing an attacker to gain complete control of the system.

Recommendations For Microsoft Windows versions 2000 SP4 through Vista, consider restricting access to image processing functions until a patch is available. As a temporary workaround, avoid using crafted images that could exploit the color-related parameters issue in the GDI. At the moment, there is no information about a newer version that contains a fix for this vulnerability.