| CVE-2009-2518 |
| 기본정보 |
- 공개일 : 2009-10-14
- 변경일 : 2009-11-17
- 위험도 : 낮음
- 공격 범위 : 사용자가 공격자에게 접근해야 공격 가능, 인터넷
- 피해 유형 : 무결성 훼손, 기밀 유출, 가용성 침해
|
| CVSS 평가 |
위험도: 9.3 (영향도: 10.0 익스플로잇: 8.6 ) |
| 설명 |
Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote attackers to execute arbitrary code via an Office document with a bitmap (aka BMP) image that triggers memory corruption, aka "Office BMP Integer Overflow Vulnerability."
|
| 참조 |
|
| 취약 소프트웨어 |
-
Microsoft
report_viewer
2005
sp1
-
Microsoft
office_xp
sp3
-
Microsoft
windows_xp
sp3
-
Microsoft
sql_server
2005
sp2:itanium
-
Microsoft
office_word_viewer
2003
sp3
-
Microsoft
office_visio
2002
sp2
-
Microsoft
office_project
2002
sp1
-
Microsoft
office_powerpoint
2007
sp2
-
Microsoft
office_powerpoint
2007
sp1
-
Microsoft
office_groove
2007
sp1
-
Microsoft
office_excel_viewer
2003
sp3
-
Microsoft
Office_compatibility_pack_for_word_excel_ppt_2007
sp2
-
Microsoft
Office_compatibility_pack_for_word_excel_ppt_2007
sp1
-
Microsoft
Office
2003
sp3
-
Microsoft
internet_explorer
6
sp1
-
Microsoft
forefront_client_security
1.0
-
Microsoft
20007_office_system
sp2
-
Microsoft
20007_office_system
sp1
-
Microsoft
.net_framework
2.0
sp2
-
Microsoft
.net_framework
2.0
sp1
-
Microsoft
report_viewer
2005
sp1:redistributable_package
-
Microsoft
report_viewer
2008
:redistributable_package
-
Microsoft
report_viewer
2008
-
Microsoft
.net_framework
1.1
sp1
-
Microsoft
sql_server
2005
sp2
-
Microsoft
report_viewer
2008
sp1:redistributable_package
-
Microsoft
report_viewer
2008
sp1
-
Microsoft
windows_xp
sp2:professional_x64
-
Microsoft
windows_xp
sp2
-
Microsoft
windows_vista
-
sp1
-
Microsoft
windows_vista
sp1:x64
-
Microsoft
windows_vista
sp1
-
Microsoft
windows_vista
:x64
-
Microsoft
windows_server_2008
:x64
-
Microsoft
windows_server_2008
:itanium
-
Microsoft
windows_server_2008
:x32
-
Microsoft
windows_2003_server
sp2:x64
-
Microsoft
windows_2003_server
sp2:itanium
-
Microsoft
windows_2003_server
sp2
-
Microsoft
windows_2000
sp4
-
Microsoft
Works
8.5
-
Microsoft
sql_server
2005
sp3:itanium
-
Microsoft
sql_server
2005
sp3:x64
-
Microsoft
sql_server
2005
sp3
-
Microsoft
sql_server
2005
sp2:x64
|
