漏洞信息详情
Microsoft Remote Desktop Connection Client 基于堆缓冲区溢出漏洞
- CNNVD编号:CNNVD-200908-128
- 危害等级: 中危
- CVE编号: CVE-2009-1133
- 漏洞类型: 缓冲区错误
- 发布时间: 2009-08-12
- 威胁类型: 远程
- 更新时间: 2019-04-02
- 厂 商: microsoft
- 漏洞来源: team509 and the Su...
漏洞简介
Windows上的Microsoft远程桌面联接(前中毒服务客户机程序) running RDP 5.0 至6.1及Mac 2.0 远程桌面联接客户机程序中存在基于堆缓冲区溢出, 该漏洞会允许远程攻击者通过未明向量来执行任意代码。它又称作 \"远程桌面联接堆溢出漏洞\"。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Microsoft RDP 6.1
Microsoft Security Update for Windows Server 2008 (KB956744)
http://www.microsoft.com/downloads/details.aspx?familyid=71c17a87-710b -434d-9b2a-2f471674915a
Microsoft Security Update for Windows Server 2008 for Itanium-based Systems (KB956744)
http://www.microsoft.com/downloads/details.aspx?familyid=65d0af4e-22a2 -4524-a003-2f4858012fa8
Microsoft Security Update for Windows Server 2008 x64 Edition (KB956744)
http://www.microsoft.com/downloads/details.aspx?familyid=f095d2d5-4513 -4ae1-96c7-cbcf83304261
Microsoft Security Update for Windows Vista (KB956744)
http://www.microsoft.com/downloads/details.aspx?familyid=cf95a552-f6fd -4e35-815a-d16c015cd3ea
Microsoft Security Update for Windows Vista for x64-based Systems (KB956744)
http://www.microsoft.com/downloads/details.aspx?familyid=5e19cef7-2413 -4575-9597-c6273a097aad
Microsoft Security Update for Windows XP (KB956744)
http://www.microsoft.com/downloads/details.aspx?familyid=d1f82d76-eeb2 -4ff4-9d2c-46882f214719
Microsoft Security Update for Windows XP x64 Edition (KB956744)
http://www.microsoft.com/downloads/details.aspx?familyid=5061615f-fa8f -465f-ac8f-393998b7e91b
Microsoft RDP 6.0
Microsoft Security Update for Windows Server 2003 (KB956744)
http://www.microsoft.com/downloads/details.aspx?familyid=a37a2d8a-a5ce -4f06-bf07-8cafa16e7a59
Microsoft Security Update for Windows Server 2003 x64 Edition (KB956744)
http://www.microsoft.com/downloads/details.aspx?familyid=957c2e01-89a1 -4550-aacb-de8ff896d762
Microsoft Security Update for Windows Vista (KB956744)
http://www.microsoft.com/downloads/details.aspx?familyid=cf95a552-f6fd -4e35-815a-d16c015cd3ea
Microsoft Security Update for Windows Vista for x64-based Systems (KB956744)
http://www.microsoft.com/downloads/details.aspx?familyid=5e19cef7-2413 -4575-9597-c6273a097aad
Microsoft Security Update for Windows XP (KB956744)
http://www.microsoft.com/downloads/details.aspx?familyid=d1f82d76-eeb2 -4ff4-9d2c-46882f214719
Microsoft RDP 5.1
Microsoft Security Update for Windows 2000 (KB958470)
http://www.microsoft.com/downloads/details.aspx?familyid=ae72782e-920f -4176-a27b-c3b91d50c7d2
Microsoft Security Update for Windows XP (KB958470)
http://www.microsoft.com/downloads/details.aspx?familyid=2a8830dd-8fb3 -4556-a6e7-2c237235357f
Microsoft RDP 5.2
Microsoft Security Update for Windows 2000 (KB958470)
http://www.microsoft.com/downloads/details.aspx?familyid=ae72782e-920f -4176-a27b-c3b91d50c7d2
Microsoft Security Update for Windows Server 2003 (KB958469)
http://www.microsoft.com/downloads/details.aspx?familyid=60c79729-ef01 -4630-bd67-ec63e7f8b56b
Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB958469)
http://www.microsoft.com/downloads/details.aspx?familyid=8f88a714-b917 -4193-9002-19fa65722028
Microsoft Security Update for Windows Server 2003 x64 Edition (KB958469)
http://www.microsoft.com/downloads/details.aspx?familyid=57393588-dc96 -4bda-ab1e-ae550961e5d4
Microsoft Security Update for Windows XP (KB958469)
http://www.microsoft.com/downloads/details.aspx?familyid=cf9f9898-10c8 -45ab-9df3-85e0b37e6046
Microsoft Security Update for Windows XP (KB958470)
http://www.microsoft.com/downloads/details.aspx?familyid=2a8830dd-8fb3 -4556-a6e7-2c237235357f
Microsoft Security Update for Windows XP x64 Edition (KB958469)
http://www.microsoft.com/downloads/details.aspx?familyid=948da99a-44ed -4390-b1b4-7ed3f15a9cda
参考网址
来源:SECUNIA
链接:http://secunia.com/advisories/36229
来源:MS
链接:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-044
来源:CERT
链接:http://www.us-cert.gov/cas/techalerts/TA09-223A.HTML
来源:SECTRACK
链接:http://www.securitytracker.com/id?1022709
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5693
来源:VUPEN
链接:http://www.vupen.com/english/advisories/2009/2238
受影响实体
- Microsoft Windows_vista:X64
- Microsoft Windows_vista:-:Sp2
- Microsoft Windows_vista
- Microsoft Windows_vista:-:Sp1
- Microsoft Windows_server_2003:Sp2:Itanium
补丁
暂无
评论