3 matches found
Microsoft Windows cdd.dll驱动远程拒绝服务漏洞
BUGTRAQ ID: 40237 CVE ID: CVE-2009-3678 Windows是微软发布的非常流行的操作系统。 Windows所使用的规范显示驱动(cdd.dll)没有正确的解析从用户态拷贝到内核态的信息。用户受骗打开了包含有大量以缩略图形式显示图形文件的文件夹并同时选中删除了大约15到20张图形就会导致系统蓝屏死机。理论上利用该漏洞也可能导致执行任意代码,但由于地址是随机的,因此很难预测最终的指针目标。 Microsoft Windows Server 2008 R2 Microsoft Windows 7 临时解决方法: 禁用Windows Aero主题。 厂商补丁:...
Microsoft Windows Canonical Display Driver Denial Of Service (CVE-2009-3678)
The Canonical Display Driver cdd.dll is used by desktop composition to blend GDI and DirectX drawing. CDD emulates the interface of a Windows XP display driver for interactions with the Win32k GDI graphics engine. A remote code execution vulnerability has been reported in Microsoft Windows...
CVE-2009-3678
CVE-2009-3678 describes an unauthenticated remote code-execution vulnerability in the Canonical Display Driver (cdd.dll) for 64-bit Windows 7/Windows Server 2008 R2 when the Windows Aero theme is enabled. The root cause is improper parsing of data copied from user-mode to kernel-mode in the Canon...