Bing Sun

**Name of the Vulnerable Software and Affected Versions** Microsoft Message Queuing (MSMQ) (affected versions not specified) **Description** The issue is related to insufficient input validation in Microsoft Message Queuing (MSMQ) for Windows operating systems. It allows a remote attacker to perform a denial-of-service (DoS) attack. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient protection of internal data in the Windows GDI+ interface, which can allow an attacker to gain unauthorized access to protected information using a specially crafted malicious file. This can enable attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Graphics Component (affected versions not specified) **Description** The issue is related to an information disclosure vulnerability in the Windows Graphics component, which can allow an attacker to gain unauthorized access to protected information. This vulnerability involves the exposure of data in an erroneous data area. Technical details about exploitation include the use of a native network channel to exfiltrate leaked memory data. Specifically, setting the `Filename` field to start with a UNC path, such as `??UNC<IP address>@<port>`, can direct data to a WebDAV server, potentially allowing data exfiltration. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to a buffer overflow in the Windows GDI component, allowing remote attackers to execute arbitrary code. This can affect the system, potentially leading to unauthorized access or control. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.