CG5: Clip Art Buffer Overrun Vulnerability Patch

Article translations Article translations
Article ID: 256167 - View products that this article applies to.
This article was previously published under Q256167
This article has been archived. It is offered "as is" and will no longer be updated.
Expand all | Collapse all


Microsoft has developed a patch for avoiding a possible buffer overrun in Microsoft Clip Gallery. The buffer overrun could cause Clip Gallery 5.0 to stop responding (crash), or allow arbitrary code to run on your computer. A malicious user could embed this arbitrary code in a file that Clip Gallery 5.0 downloads to your computer. This code could be harmful, damaging information stored on the computer.

NOTE: If you do not have Clip Gallery 5.0 installed on your computer, then you do not need to use the Clip Gallery Buffer Overrun Patch.

More information

Microsoft Clip Gallery allows you to download additional clip art from Microsoft Design Gallery Live and the Web sites of our associated partners. This functionality includes the automatic installation of the downloaded clip art on your computer. Clip Gallery and Design Gallery Live use a special file format for downloading these clips, called the .CIL format. Under certain circumstances, a very long field embedded in a clip art .CIL file could cause a buffer overrun in the Clip Gallery software. When the buffer overrun occurs, the software could crash or cause arbitrary code to run on your computer.

The primary danger in this vulnerability is that the buffer overrun may occur when you open an attachment that includes a maliciously formed clip art file, or when you download a .CIL file from a malicious user's Web page.

For example, you go to a Web site that contains groups of clip art - saved in the .CIL format - for Office 2000, Works 2000, Picture It! 2000, Home Publisher 2000, or PhotoDraw 2000 Version 1. You believe these are legitimate download pages, and you download one of these .CIL files to use in Picture It! 2000. The instructions on the page tell you to double-click the file to open it in Clip Gallery. However, the person who made the Web site has embedded malicious code that deletes data on your hard disk. To make the malicious code run, the person also includes a very long field in the .CIL file. When you double-click the file to open it in Clip Gallery, Clip Gallery has a buffer overrun, and then the malicious code runs. Because Clip Gallery does not prompt you for confirmation, this vulnerability still affects you even if you follow safe computing practices, such as using virus detection software.

You can download the update file from the following location:
Follow the instructions on this page to install the Clip Art Buffer Overrun Vulnerability Patch.

You can obtain support for the tool through the support offering for your product listed in the product's Help file.


Article ID: 256167 - Last Review: October 26, 2013 - Revision: 2.0
Applies to
  • Microsoft Clip Gallery 5.0
kbnosurvey kbarchive kbinfo KB256167

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from