‫ Microsoft Windows InformationCardSigninHelper Class ActiveX Control Code Execution Vulnerability

IRCAD2013112977
ID: IRCAD2013112977
Release Date: 2013-11-11
Criticality level: extremely critical
Software:
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows RT
Microsoft Windows RT 8.1
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Storage Server 2003
Microsoft Windows Vista
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error within the InformationCardSigninHelper Class ActiveX control (icardie.dll) and can be exploited to corrupt the system state.
Successful exploitation allows execution of arbitrary code.
Solution
Apply update.
References:
Microsoft (KB2900986):
Secunia:
http://secunia.com/advisories/55611/

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 25 آبان 1392

امتیاز

امتیاز شما
تعداد امتیازها:0