‫ Microsoft Windows Remote Desktop ActiveX Control Vulnerability

IRCAD2013042633
ID: IRCAD2013042633
Release Date: 2013-04-09
Criticality level: Highly critical
 
Software:
Microsoft Windows 7
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
 
Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited to compromise a user's system.
The vulnerability is caused due to an error within the Remote Desktop ActiveX control and can be exploited to reference an already freed object and cause memory corruption.
Successful exploitation allows execution of arbitrary code.
 
Solution
Apply updates.
 
Windows XP
Windows XP Service Pack 3
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Vista
Windows Vista Service Pack 2
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7
Windows 7 for 32-bit Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
 
References:
MS-13-029 (KB2813345, KB2813347, KB2828223):
 
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 21 فروردین 1392

امتیاز

امتیاز شما
تعداد امتیازها:0