Test Kennung:	1.3.6.1.4.1.25623.1.0.102055
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows GDI Multiple Vulnerabilities (925902)
Zusammenfassung:	Stack-based buffer overflow in the animated cursor code in; Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or; cause a denial of service (persistent reboot) via a large length value in the second (or later); anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing; cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using; Internet Explorer 6 and 7.
Beschreibung:	Summary: Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5586 BugTraq ID: 23277 http://www.securityfocus.com/bid/23277 HPdes Security Advisory: HPSBST02206 http://www.securityfocus.com/archive/1/466186/100/200/threaded HPdes Security Advisory: SSRT071354 Microsoft Security Bulletin: MS07-017 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1385 http://www.securitytracker.com/id?1017846 http://www.vupen.com/english/advisories/2007/1215 Common Vulnerability Exposure (CVE) ID: CVE-2006-5758 BugTraq ID: 20940 http://www.securityfocus.com/bid/20940 http://kernelwars.blogspot.com/2007/01/alive.html http://projects.info-pull.com/mokb/MOKB-06-11-2006.html http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2056 http://securitytracker.com/id?1017168 http://secunia.com/advisories/22668 http://www.vupen.com/english/advisories/2006/4358 XForce ISS Database: windows-gdi-kernel-privilege-escalation(30042) https://exchange.xforce.ibmcloud.com/vulnerabilities/30042 Common Vulnerability Exposure (CVE) ID: CVE-2007-1211 BugTraq ID: 23275 http://www.securityfocus.com/bid/23275 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=499 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1571 http://www.securitytracker.com/id?1017843 XForce ISS Database: win-wmf-dos(33258) https://exchange.xforce.ibmcloud.com/vulnerabilities/33258 Common Vulnerability Exposure (CVE) ID: CVE-2007-1212 BugTraq ID: 23278 http://www.securityfocus.com/bid/23278 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1923 http://www.securitytracker.com/id?1017844 Common Vulnerability Exposure (CVE) ID: CVE-2007-1213 BugTraq ID: 23276 http://www.securityfocus.com/bid/23276 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1797 http://www.securitytracker.com/id?1017845 Common Vulnerability Exposure (CVE) ID: CVE-2007-1215 BugTraq ID: 23273 http://www.securityfocus.com/bid/23273 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1927 http://www.securitytracker.com/id?1017847
Copyright	Copyright (C) 2010 LSS

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.