← CVECheck
HomeVulnerabilities

CVE-2004-0200 — HIGH severity vulnerability (Buffer overflow in the JPEG (JPG) parsing engine in the Micr)

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.

CVE IDCVE-2004-0200
SeverityHIGH
CVSS score9.3
CVSS vectorAV:N/AC:M/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2004-09-28
Last modified2026-04-16
DescriptionBuffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →