CVE-2009-2528
기본정보
  • 공개일 : 2009-10-14
  • 변경일 : 2009-11-17
  • 위험도 : 낮음
  • 공격 범위 : 인터넷, 사용자가 공격자에게 접근해야 공격 가능
  • 피해 유형 : 가용성 침해, 계정 탈취 (관리자 계정), 무결성 훼손, 기밀 유출
CVSS 평가 위험도: 9.3 (영향도: 10.0 익스플로잇: 8.6 )
설명

GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."
참조
취약 소프트웨어
  • Microsoft windows_xp sp3
  • Microsoft windows_xp sp2:professional_x64
  • Microsoft windows_server_2008 :itanium
  • Microsoft windows_2003_server sp2:x64
  • Microsoft windows_xp sp2
  • Microsoft windows_vista sp1:x64
  • Microsoft windows_vista sp1
  • Microsoft windows_vista :x64
  • Microsoft windows_server_2008 :x32
  • Microsoft windows_server_2008 :x64
  • Microsoft windows_2003_server sp2:itanium
  • Microsoft windows_2003_server sp2
  • Microsoft Works 8.5
  • Microsoft word_viewer 2003 sp3
  • Microsoft visual_studio_.net 2005 sp1
  • Microsoft visual_studio_.net 2003 sp1
  • Microsoft visual_studio 2008 sp1
  • Microsoft visual_foxpro 9.0 sp2
  • Microsoft visual_foxpro 8.0 sp1
  • Microsoft Visio 2002 sp2
  • Microsoft sql_server_reporting_services 2000 sp2
  • Microsoft sql_server 2005 sp3:itanium
  • Microsoft sql_server 2005 sp3:x64
  • Microsoft sql_server 2005 sp3
  • Microsoft sql_server 2005 sp2:itanium
  • Microsoft sql_server 2005 sp2:x64
  • Microsoft sql_server 2005 sp2
  • Microsoft report_viewer 2008 sp1:redistributable_package
  • Microsoft Project 2002 sp1
  • Microsoft platform_sdk :redistrutable_gdi+
  • Microsoft office_word_viewer
  • Microsoft office_powerpoint_viewer 2007 sp2
  • Microsoft office_powerpoint_viewer 2007 sp1
  • Microsoft office_groove 2007 sp1
  • Microsoft report_viewer 2008 sp1
  • Microsoft report_viewer 2008 :redistributable_package
  • Microsoft report_viewer 2008
  • Microsoft report_viewer 2005 sp1:redistributable_package
  • Microsoft report_viewer 2005 sp1
  • Microsoft .net_framework 1.1 sp1
  • Microsoft office_excel_viewer
  • Microsoft office_compatibility_pack 2007 sp2
  • Microsoft office_compatibility_pack 2007 sp1
  • Microsoft Office XP
  • Microsoft Office 2007 sp2
  • Microsoft Office 2007 SP1
  • Microsoft Office 2003 sp3
  • Microsoft internet_explorer 6 sp1
  • Microsoft forefront_client_security 1.0
  • Microsoft expression_web 2
  • Microsoft excel_viewer 2003 sp3
  • Microsoft .net_framework 2.0 sp2
  • Microsoft .net_framework 2.0 sp1