فا

‫ Microsoft Internet Explorer Multiple Vulnerabilities

IRCAD2012021724
ID:IRCAD2012021724
Release Date: 2012-02-14
Criticality level: Highly critical
Software:
Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 8.x
Microsoft Internet Explorer 9.x
Description:
Multiple vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, and compromise a user's system.
1) An error exists when handling copy and paste operations.
2) An error when accessing a deleted object within certain HTML layout handling can be exploited to corrupt memory.
3) An error when handling NULL bytes during the creation and initialisation of strings can be exploited to read process memory.
4) An error when accessing a deleted object within VML handling can be exploited to corrupt memory.
Successful exploitation of vulnerabilities #2 and #4 allows execution of arbitrary code.
Solution:
Apply patches.
Windows XP Service Pack 3: Internet Explorer 6
Windows XP Professional x64 Edition Service Pack 2: Internet Explorer 6
Windows Server 2003 Service Pack 2: Internet Explorer 6
Windows Server 2003 x64 Edition Service Pack 2: Internet Explorer 6
Windows Server 2003 with SP2 for Itanium-based Systems: Internet Explorer 6
Windows XP Service Pack 3: Internet Explorer 7
Windows XP Professional x64 Edition Service Pack 2: Internet Explorer 7
Windows Server 2003 Service Pack 2: Internet Explorer 7
Windows Server 2003 x64 Edition Service Pack 2: Internet Explorer 7
Windows Server 2003 with SP2 for Itanium-based Systems: Internet Explorer 7
Windows Vista Service Pack 2: Internet Explorer 7
Windows Vista x64 Edition Service Pack 2: Internet Explorer 7
Windows Server 2008 for 32-bit Systems Service Pack 2: Internet Explorer 7
Windows Server 2008 for x64-based Systems Service Pack 2: Internet Explorer 7
Windows Server 2008 for Itanium-based Systems Service Pack 2: Internet Explorer 7
Windows XP Service Pack 3: Internet Explorer 8
Windows XP Professional x64 Edition Service Pack 2: Internet Explorer 8
Windows Server 2003 Service Pack 2: Internet Explorer 8
Windows Server 2003 x64 Edition Service Pack 2: Internet Explorer 8
Windows Vista Service Pack 2: Internet Explorer 8
Windows Vista x64 Edition Service Pack 2: Internet Explorer 8
Windows Server 2008 for 32-bit Systems Service Pack 2: Internet Explorer 8
Windows Server 2008 for x64-based Systems Service Pack 2: Internet Explorer 8
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1: Internet Explorer 8
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1: Internet Explorer 8
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1: Internet Explorer 8
Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1: Internet Explorer 8
Windows Vista Service Pack 2: Internet Explorer 9
Windows Vista x64 Edition Service Pack 2: Internet Explorer 9
Windows Server 2008 for 32-bit Systems Service Pack 2: Internet Explorer 9
Windows Server 2008 for x64-based Systems Service Pack 2: Internet Explorer 9
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1: Internet Explorer 9
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1: Internet Explorer 9
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1: Internet Explorer 9
References:
MS12-010 (KB2647516):
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 26 بهمن 1390

امتیاز

امتیاز شما
تعداد امتیازها: 0