漏洞信息详情
Research In Motion Blackberry TeamOn Import Object ActiveX控件缓冲区溢出漏洞
- CNNVD编号:CNNVD-200705-096
- 危害等级: 高危
- CVE编号: CVE-2007-0323
- 漏洞类型: 缓冲区溢出
- 发布时间: 2007-05-08
- 威胁类型: 远程
- 更新时间: 2007-05-09
- 厂 商: rim
- 漏洞来源: This issue was dis...
漏洞简介
Research In Motion (RIM) TeamOn Import Object ActiveX控件(TOImport.dll)的SetLanguage函数中存在缓冲区溢出漏洞。远程攻击者可以借助未明向量,执行任意代码。
漏洞公告
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
http://www.microsoft.com/downloads/details.aspx?familyid=0F173D60-6FD0-4C92-BB2A-A7A78707E35F&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=1944BCFA-B0BC-4BD5-9089-A618EA43EA49&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=404A48A2-5765-4AFA-94BF-E97212AA14EF&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=7A778D93-9D85-4217-8CC0-5C494D954CA0&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=29938ED4-F8BB-4793-897C-966BA7F4830C&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=0C65FAD3-BAAE-46C4-B453-84CF28B15F50&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=74AFEA3D-79DF-4B64-BF30-B8E5C55CAB2B&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=67AE3381-16B2-4B34-B95C-69EE7D58B357&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=03FC8E0C-DEC5-48D1-9A34-3B639F185F7D&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=D249089D-BB8E-4B86-AB8E-18C52844ACB2&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=D52C0AFD-CC3A-4A5C-B91B-E006D497BC26&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=94B83BDD-2BD1-43E4-BABF-68135D253293&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=EFC6BE04-0D6B-4639-8485-DA1525F6BC52&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=A077BE20-C379-4386-B478-80197A4A4ABC&displaylang=en
参考网址
来源: VU#869641
名称: VU#869641
链接:http://www.kb.cert.org/vuls/id/869641
来源: TA07-128A
名称: TA07-128A
链接:http://www.us-cert.gov/cas/techalerts/TA07-128A.HTML
来源: MS
名称: MS07-027
链接:http://www.microsoft.com/technet/security/Bulletin/MS07-027.mspx
来源: OSVDB
名称: 35873
链接:http://osvdb.org/35873
来源: XF
名称: rim-toimport-activex-bo(34182)
链接:http://xforce.iss.net/xforce/xfdb/34182
来源: BID
名称: 23331
链接:http://www.securityfocus.com/bid/23331
来源: HP
名称: SSRT071422
链接: http://www.securityfocus.com/archive/1/archive/1/468871/100/200/threaded
来源: VUPEN
名称: ADV-2007-1716
链接:http://www.frsirt.com/english/advisories/2007/1716
来源: www.blackberry.com
链接:http://www.blackberry.com/btsc/articles/74/KB13142_f.SAL_Public.HTML
来源: SECUNIA
名称: 25218
链接:http://secunia.com/advisories/25218
受影响实体
- Rim Teamon_import_object_activex_control
补丁
暂无
评论