漏洞信息详情
easyHDR Pro 多个缓冲区溢出漏洞
- CNNVD编号:CNNVD-200901-299
- 危害等级: 中危
- CVE编号: CVE-2009-0254
- 漏洞类型: 缓冲区溢出
- 发布时间: 2009-01-22
- 威胁类型: 远程
- 更新时间: 2009-02-05
- 厂 商: easyhdr
- 漏洞来源: Stefan Cornelius o...
漏洞简介
EasyHDR是一款图像处理软件。 easyHDR PRO 1.60.2版本存在栈缓冲区溢出漏洞。用户协助式攻击者可以借助一个无效的灵活的图像传送系统文件,执行任意的代码。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接: Sun Solaris 10.0 Sun 145455-01 http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -140455-01-1 Debian Linux 4.0 powerpc Debian vnc4-common_4.1.1+X4.3.0-21+etch1_powerpc.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_powerpc.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_powerpc.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_powerpc.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_powerpc.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_powerpc.deb Sun Solaris 10.0_x86 Sun 140456-01 http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -140456-01-1 Debian Linux 4.0 amd64 Debian vnc4-common_4.1.1+X4.3.0-21+etch1_amd64.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_amd64.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_amd64.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_amd64.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_amd64.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_amd64.deb Debian Linux 4.0 ia-32 Debian vnc4-common_4.1.1+X4.3.0-21+etch1_i386.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_i386.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_i386.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_i386.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_i386.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_i386.deb 目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接: Debian Linux 4.0 hppa Debian vnc4-common_4.1.1+X4.3.0-21+etch1_hppa.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_hppa.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_hppa.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_hppa.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_hppa.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_hppa.deb Debian Linux 4.0 sparc Debian vnc4-common_4.1.1+X4.3.0-21+etch1_sparc.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_sparc.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_sparc.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_sparc.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_sparc.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_sparc.deb Debian Linux 4.0 s/390 Debian vnc4-common_4.1.1+X4.3.0-21+etch1_s390.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_s390.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_s390.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_s390.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_s390.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_s390.deb Debian Linux 4.0 alpha Debian vnc4-common_4.1.1+X4.3.0-21+etch1_alpha.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_alpha.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_alpha.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_alpha.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_alpha.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_alpha.deb Debian Linux 4.0 mipsel Debian vnc4-common_4.1.1+X4.3.0-21+etch1_mipsel.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_mipsel.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_mipsel.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_mipsel.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_mipsel.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_mipsel.deb Debian Linux 4.0 ia-64 Debian vnc4-common_4.1.1+X4.3.0-21+etch1_ia64.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_ia64.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_ia64.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_ia64.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_ia64.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_ia64.deb Debian Linux 4.0 mips Debian vnc4-common_4.1.1+X4.3.0-21+etch1_mips.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_mips.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_mips.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_mips.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_mips.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_mips.deb
参考网址
来源: BID 名称: 33363 链接:http://www.securityfocus.com/bid/33363 来源: VUPEN 名称: ADV-2009-0190 链接:http://www.frsirt.com/english/advisories/2009/0190 来源: SECUNIA 名称: 33468 链接:http://secunia.com/advisories/33468 来源: OSVDB 名称: 51608 链接:http://osvdb.org/51608 来源: easyhdr.com 链接:http://easyhdr.com/version.php
受影响实体
- Easyhdr Easyhdr:1.60.2:Pro
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论