Microsoft Win32 API参数验证远程代码执行漏洞（MS07-035）

Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Windows的Win32 API实现上存在漏洞，远程攻击者可能利用此漏洞控制用户机器。 Windows的Win32 API没有正确地验证函数调用中的一个参数，如果特制的应用程序本地使用了受影响的API的话，该漏洞可能允许远程代码执行或权限提升。因此，使用Win32这个组件的应用程序可能被用作漏洞的攻击载体。例如，Internet Explorer在解析特制的网页时使用这个Win32...

Microsoft Windows Win32 API Code Execution (MS07-035; CVE-2007-2219)

Microsoft Win32 API application programming interface provides 32-bit services used by all Windows-based applications.A remote code execution vulnerability has been reported in the Microsoft Windows implementation of Win32 API.Remote attacker could exploit this issue by convincing a user to visit...

Microsoft Windows Win32 API fails to properly validate function parameters

Overview The Microsoft Windows Win32 API fails to properly validate function parameters, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Windows Win32 API is a set of application programming interfaces for the...