Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

  Severity: CRITICAL
  CVE Identifier: CVE-2010-3970
  Advisory Date: JAN 07, 2011

  DESCRIPTION

There is a vulnerability found in Windows Graphics Rendering Engine that may lead toexecution of arbitrary code once successfully exploited by a malicious remote user. It may also enable user toinstallation of programs, creation of malicious accounts, and changing, viewing or deleting data. User accounts with lesser user rights are less affected.

  TREND MICRO PROTECTION INFORMATION

Trend Micro clients using OfficeScan with Intrusion Defense Firewall (IDF) may refer to the table below for the pattern filter identifier(s):

Microsoft Bulletin ID Vulnerability ID Identifier & Title IDF First Pattern Version IDF First Pattern Release Version
CVE-2010-3970 1004466 - Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Overflow Vulnerability Over Network Share 11-002 Jan 12, 2011
CVE-2010-3970 1004468 - Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Overflow Vulnerability 11-002 Jan 12, 2011

  AFFECTED SOFTWARE AND VERSION

  • Windows XP Service Pack 3
  • Windows XP Professional x64 Edition Service Pack 2
  • Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista Service Pack 1 and Windows Vista Service Pack 2
  • Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
  • Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2