漏洞信息详情
Microsoft Windows Media Decompression 远程代码执行漏洞
- CNNVD编号:CNNVD-201006-105
- 危害等级: 超危
- CVE编号: CVE-2010-1880
- 漏洞类型: 代码注入
- 发布时间: 2010-06-11
- 威胁类型: 远程
- 更新时间: 2010-06-17
- 厂 商: microsoft
- 漏洞来源: Yamata Li of Palo ...
漏洞简介
Microsoft Windows 2000、XP、Server 2003、 Vista和Server 2008上运行的DirectShow存在未明漏洞,远程攻击者可利用含有特制压缩数据的媒体文件执行任意代码,即\"MJPEG媒体解压缩漏洞\"。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Microsoft Quartz 0
Microsoft Security Update for Windows Vista (KB975562)
http://www.microsoft.com/downloads/details.aspx?familyid=B64107F2-990A -42DF-A75A-5BF371709FD6Microsoft Security Update for Windows Vista for x64-based Systems (KB975562)
http://www.microsoft.com/downloads/details.aspx?familyid=0754ADDB-2F04 -45C9-8594-174B8B8B297CMicrosoft Security Update for Windows XP (KB975562)
http://www.microsoft.com/downloads/details.aspx?familyid=E77D5AF8-E8E0 -425C-A809-4CF274E17CC5Microsoft Security Update for DirectX 9 for Windows 2000 (KB975562)
http://www.microsoft.com/downloads/details.aspx?familyid=A51C53BD-F9C1 -4D53-8ED2-034FD57BC75AMicrosoft Security Update for Windows Server 2003 x64 Edition (KB975562)
http://www.microsoft.com/downloads/details.aspx?familyid=D28ECDF7-9FD4 -437E-9DB7-C6B579248ABEMicrosoft Security Update for Windows XP x64 Edition (KB975562)
http://www.microsoft.com/downloads/details.aspx?familyid=7914FDAE-9A7A -4A10-8CE7-C621EB903452Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB975562)
http://www.microsoft.com/downloads/details.aspx?familyid=7F101F4C-DCC8 -474C-A844-FE0C45D6697CMicrosoft Security Update for Windows Server 2003 (KB975562)
http://www.microsoft.com/downloads/details.aspx?familyid=FC15C43B-D48F -4872-8F9D-ED973170DB9AMicrosoft Security Update for Windows Server 2008 (KB975562)
http://www.microsoft.com/downloads/details.aspx?familyid=18FD814B-51F3 -470B-A5BD-97BE752298D9Microsoft Security Update for Windows Server 2008 x64 Edition (KB975562)
http://www.microsoft.com/downloads/details.aspx?familyid=4E40DA51-23EE -44F0-9EA0-99BDA8CCA731Microsoft Security Update for Windows Server 2008 for Itanium-based Systems (KB975562)
http://www.microsoft.com/downloads/details.aspx?familyid=120C68F5-4575 -4E2A-912A-EED52736C403
参考网址
来源: US-CERT
名称: TA10-159B
链接:http://www.us-cert.gov/cas/techalerts/TA10-159B.HTML
来源: MS
名称: MS10-033
链接:http://www.microsoft.com/technet/security/bulletin/ms10-033.mspx
来源: OSVDB
名称: 65222
链接:http://osvdb.org/65222
受影响实体
- Microsoft Directx:9.0
- Microsoft Directx:9.0a
- Microsoft Directx:9.0b
- Microsoft Directx:9.0c
补丁
- Security Update for DirectX 9 for Windows 2000 (KB975562)
- Security Update for Windows Server 2003 x64 Edition (KB975562)
- Security Update for Windows Server 2008 (KB975562)
- Security Update for Windows Server 2003 (KB975562)
- Security Update for Windows Vista for x64-based Systems (KB975562)
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论