‫ Microsoft Multiple Products GDI+ TIFF Files Handling Memory Corruption Vulnerability

IRCAD2013112967
ID: IRCAD2013112967
Release Date: 2013-11-06
Criticality level: Extremely critical
Software:
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Lync 2010
Microsoft Lync 2010 Attendee 4.x
Microsoft Lync 2013
Microsoft Lync Basic 2013
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2007
Microsoft Office 2010
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
Description:
A vulnerability has been reported in multiple Microsoft products, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error when handling TIFF files within the Microsoft Graphics Component (GDI+) and can be exploited to cause a memory corruption.
NOTE: This vulnerability is currently being actively exploited in targeted attacks.
Solution
No official solution is currently available.
References:
Microsoft (KB2896666):
Secunia
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 17 آبان 1392

امتیاز

امتیاز شما
تعداد امتیازها:0