Title: Microsoft Windows Image Acquisition Service Privilege Escalation Vulnerability
Severity: HIGH
Description:
Microsoft Windows Image Acquisition (WIA) service enables communication between imaging programs and imaging devices.
The service is prone to a vulnerability due to an unchecked buffer that may result in attacker-supplied code executing with elevated privileges.
An attacker may exploit this issue to gain SYSTEM-level privileges. Successful exploits will result in the complete compromise of vulnerable computers.
NOTE: The affected service is available only on Windows XP.
Affected Products:
- Microsoft Windows XP
- Microsoft Windows XP Embedded
- Microsoft Windows XP Embedded SP1
- Microsoft Windows XP Home
- Microsoft Windows XP Home SP1
- Microsoft Windows XP Home SP2
- Microsoft Windows XP Media Center Edition
- Microsoft Windows XP Media Center Edition SP1
- Microsoft Windows XP Media Center Edition SP2
- Microsoft Windows XP Professional
- Microsoft Windows XP Professional SP1
- Microsoft Windows XP Professional SP2
- Microsoft Windows XP Tablet PC Edition
- Microsoft Windows XP Tablet PC Edition SP1
- Microsoft Windows XP Tablet PC Edition SP2
References:
- Microsoft: Microsoft Homepage
- Microsoft: Microsoft Security Bulletin MS07-007
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
