漏洞信息详情
Microsoft Internet Explorer HTML Component Handling 远程代码执行漏洞
- CNNVD编号:CNNVD-200910-229
- 危害等级: 超危
- CVE编号: CVE-2009-2529
- 漏洞类型: 代码注入
- 发布时间: 2009-10-14
- 威胁类型: 远程
- 更新时间: 2019-04-02
- 厂 商: microsoft
- 漏洞来源: Microsoft
漏洞简介
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7,以及8版本没有使当地处理未明自变量的自变量验证。这会允许远程攻击者可以借助一个特制的HTML文件,执行任意代码,又称\"HTML组件处理漏洞\"。
漏洞公告
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
Microsoft Internet Explorer 7.0
Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=4647bcf1-69fb -4ad6-9e03-7bc22d8a914b
Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 64-bit Itanium Edition (K
http://www.microsoft.com/downloads/details.aspx?FamilyID=07e66c09-2cd7 -47ba-bf87-d3da602184b4
Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=e7d77bd9-8317 -42f3-9ad1-a0b8bfa65b53
Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP (KB974455)
http://www.microsoft.com/downloads/details.aspx?FamilyID=dc166dc6-577f -4d8d-94df-dd963233dd85
Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=bd54e595-25f2 -4839-a838-2a0f809bde2b
Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=72dd580e-eb53 -41da-a5c0-a392ad388bfc
Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 for Itanium-based Systems
http://www.microsoft.com/downloads/details.aspx?familyid=e81f30b7-ef05 -4488-b62a-d330e17129cf
Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=0111d741-bda4 -4a50-a12b-d3337ff4441d
Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=f6995616-2a84 -4c26-9599-26f1314873ed
Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=b3de5236-afdd -436e-8648-5382d564cc99
Microsoft Internet Explorer 8
Microsoft Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=9eae7eca-1a6f -4397-a6e2-7dda6b9d5276
Microsoft Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=708a549d-11fd -43bf-a6e1-309e3205d59d
Microsoft Cumulative Security Update for Internet Explorer 8 for Windows XP (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=8799159d-df69 -49f6-9db5-49147690ce0c
Microsoft Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=77b18fc2-e769 -47c6-8e72-916716a49e58
Microsoft Cumulative Security Update for Internet Explorer 8 in Windows 7 (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=89d1fb78-68cd -48dd-afc2-15a79ebe9fde
Microsoft Cumulative Security Update for Internet Explorer 8 in Windows 7 x64 Edition (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=10d9f7ac-65f4 -437c-91cc-171632c69b0e
Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=1baf7e96-ba3e -47e7-8ea3-eb092e653a39
Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 R2 for Itanium-based Syste
http://www.microsoft.com/downloads/details.aspx?familyid=9b6a28ae-b3f2 -42b0-8209-e3950ec37abb
Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 R2 x64 Edition (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=f50307d6-7869 -4996-9ff7-23f87d08994b
Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB974455)
http://www.microsoft.com/downloads/details.aspx?familyid=7a4b755b-7fa0 -43aa-8862-c1d0c7d94c2c
Microsoft Cumulative S
参考网址
来源:MS
链接:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-054
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6419
来源:CERT
链接:http://www.us-cert.gov/cas/techalerts/TA09-286A.HTML
受影响实体
- Microsoft Internet_explorer:8
- Microsoft Internet_explorer:7
- Microsoft Internet_explorer:6
- Microsoft Internet_explorer:6:Sp1
- Microsoft Internet_explorer:5.01:Sp4
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论