فا

‫ Microsoft Windows GDI "MRSETDIBITSTODEVICE::bPlay()" EMF Parsing Memory Corruption Vulnerability

ID: IRCAD2015043878
Release Date: 2015-04-14
Criticality level: Highly critical
Software:
Microsoft Windows 7
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Storage Server 2003
Microsoft Windows Vista
Description:
Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error within the "MRSETDIBITSTODEVICE::bPlay()" function (GDI32.dll) and can be exploited to cause a memory corruption via an EMF file with a specially crafted EMR_SETDIBITSTODEVICE record.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed on a fully patched version of Windows 7 (gdi32.dll version 6.1.7601.18577).
Solution
Apply updates.
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Server Core installation option
References:
MS15-035 (KB3046306):
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 6 اردیبهشت 1394

امتیاز

امتیاز شما
تعداد امتیازها:0