CVE-2007-3034

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version

Description: The issue is related to an integer overflow in the Graphics Rendering Engine (GDI) that can lead to a heap-based buffer overflow. This occurs when a crafted metafile (image) with a large record length value is processed. The vulnerability can be exploited by an attacker constructing a specially crafted image, potentially allowing remote code execution if a user opens the malicious attachment.

Recommendations: For Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.