Skip navigation.

Looking for Latest Graphic Device Interface(GDI) Vulnerability samples


Hi all, I'm looking for sample images of the vulnerabilities in Graphics Device Interface EMF formatted images released few days ago from Microsoft. The exploit (named "top.jpg") contains functional payload and downloads secondary file (word.gif) and in return downloads additional malicious code. The exploit image is detected by Symantec as HTTP GDI EMF Remote Code Exec and the malicous code detected as Trojan.Emifie. Thanks in advance.

I just uploaded a sample,

I just uploaded a sample, waiting for it to be processed. Here is the md5. But from what I hear this file is only an attempt at the exploit and it doesn't quite work.



Thanks for the info.. I will check it out ..

Milw0rm has a sample as well