Sony VAIO Wireless Manager ActiveX Control WifiMan.dll Multiple Buffer Overflows

The Sony VAIO Wireless Manager ActiveX control installed on the remote Windows host is affected by buffer overflow vulnerabilities in 'SetTmpProfileOption' and 'ConnectToNetWokrkOption' in WifiMan.dll. By tricking a victim into visiting a specially crafted page, an attacker may be able to execute...

Sony VAIO Wireless Manager ActiveX控件'WifiMan.dll'缓冲区溢出漏洞

Bugtraq ID: 53735 CVE ID：CVE-2012-0985 Sony VAIO Wireless Manager是索尼笔记本上安装的无线管理程序。 Sony VAIO Wireless Manager ActiveX控件存在缓冲区溢出，攻击者可以利用漏洞以应用程序上下文执行任意代码。 漏洞是由于WifiMan.dll库中的SetTmpProfileOption和ConnectToNetwork方法没有正确检查字符串参数长度引起的，攻击者可以构建恶意WEB页，诱使用户解析来触发。 0 Sony VAIO Wireless Manager 4.0.0.0 厂商解决方案 So...