Microsoft Windows嵌入式OpenType字体引擎整数溢出漏洞

2009-07-15T00:00:00
ID SSV:11815
Type seebug
Reporter Root
Modified 2009-07-15T00:00:00

Description

Bugraq ID: 35187 CVE ID:CVE-2009-0232

Microsoft Windows是一款流行的操作系统。 Microsoft Windows包含的嵌入式EOT字体技术在解析特殊构建的名字表时存在漏洞,远程攻击者可以利用漏洞以系统进程权限执行任意指令。 目前没有详细漏洞细节提供。

Microsoft Windows XP Tablet PC Edition SP3 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Professional x64 Edition SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows XP Professional SP3 Microsoft Windows XP Professional SP2 Microsoft Windows XP Professional SP1 Microsoft Windows XP Professional Microsoft Windows XP Media Center Edition SP3 Microsoft Windows XP Media Center Edition SP2 Microsoft Windows XP Media Center Edition SP1 Microsoft Windows XP Media Center Edition Microsoft Windows XP Home SP3 Microsoft Windows XP Home SP2 Microsoft Windows XP Home SP1 Microsoft Windows XP Home Microsoft Windows XP Gold 0 Microsoft Windows XP 64-bit Edition SP1 Microsoft Windows XP 64-bit Edition Microsoft Windows XP 0 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Vista x64 Edition SP1 Microsoft Windows Vista x64 Edition 0 Microsoft Windows Vista Ultimate 64-bit edition SP2 Microsoft Windows Vista Ultimate 64-bit edition SP1 Microsoft Windows Vista Ultimate 64-bit edition 0 Microsoft Windows Vista Home Premium 64-bit edition SP2 Microsoft Windows Vista Home Premium 64-bit edition SP1 Microsoft Windows Vista Home Premium 64-bit edition 0 Microsoft Windows Vista Home Basic 64-bit edition SP2 Microsoft Windows Vista Home Basic 64-bit edition SP1 Microsoft Windows Vista Home Basic 64-bit edition 0 Microsoft Windows Vista Enterprise 64-bit edition SP2 Microsoft Windows Vista Enterprise 64-bit edition SP1 Microsoft Windows Vista Enterprise 64-bit edition 0 Microsoft Windows Vista Business 64-bit edition SP2 Microsoft Windows Vista Business 64-bit edition SP1 Microsoft Windows Vista Business 64-bit edition 0 Microsoft Windows Vista Ultimate SP2 Microsoft Windows Vista Ultimate SP1 Microsoft Windows Vista Ultimate Microsoft Windows Vista SP2 Beta Microsoft Windows Vista SP2 Microsoft Windows Vista SP1 Microsoft Windows Vista Home Premium SP2 Microsoft Windows Vista Home Premium SP1 Microsoft Windows Vista Home Premium Microsoft Windows Vista Home Basic SP2 Microsoft Windows Vista Home Basic SP1 Microsoft Windows Vista Home Basic Microsoft Windows Vista Enterprise SP2 Microsoft Windows Vista Enterprise SP1 Microsoft Windows Vista Enterprise Microsoft Windows Vista Business SP2 Microsoft Windows Vista Business SP1 Microsoft Windows Vista Business Microsoft Windows Vista beta 2 Microsoft Windows Vista Beta 1 Microsoft Windows Vista Beta Microsoft Windows Vista 0 Microsoft Windows Server 2008 Standard Edition SP2 Microsoft Windows Server 2008 Standard Edition Release Candidate Microsoft Windows Server 2008 Standard Edition 0 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems 0 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems 0 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems 0 Microsoft Windows Server 2008 Enterprise Edition SP2 Microsoft Windows Server 2008 Enterprise Edition Release Candidate Microsoft Windows Server 2008 Enterprise Edition 0 Microsoft Windows Server 2008 Datacenter Edition SP2 Microsoft Windows Server 2008 Datacenter Edition Release Candidate Microsoft Windows Server 2008 Datacenter Edition 0 Microsoft Windows Server 2003 x64 SP2 Microsoft Windows Server 2003 x64 SP1 Microsoft Windows Server 2003 Web Edition SP2 Microsoft Windows Server 2003 Web Edition SP1 Beta 1 Microsoft Windows Server 2003 Web Edition SP1 Microsoft Windows Server 2003 Web Edition Microsoft Windows Server 2003 Standard x64 Edition Microsoft Windows Server 2003 Standard Edition SP2 Microsoft Windows Server 2003 Standard Edition SP1 Beta 1 Microsoft Windows Server 2003 Standard Edition SP1 Microsoft Windows Server 2003 Standard Edition Microsoft Windows Server 2003 Itanium SP2 Microsoft Windows Server 2003 Itanium SP1 Microsoft Windows Server 2003 Itanium 0 Microsoft Windows Server 2003 Enterprise x64 Edition SP2 Microsoft Windows Server 2003 Enterprise x64 Edition Microsoft Windows Server 2003 Enterprise Edition Itanium SP1 Beta 1 Microsoft Windows Server 2003 Enterprise Edition Itanium SP1 Microsoft Windows Server 2003 Enterprise Edition Itanium 0 Microsoft Windows Server 2003 Enterprise Edition SP1 Beta 1 Microsoft Windows Server 2003 Enterprise Edition SP1 Microsoft Windows Server 2003 Enterprise Edition Microsoft Windows Server 2003 Datacenter x64 Edition SP2 Microsoft Windows Server 2003 Datacenter x64 Edition Microsoft Windows Server 2003 Datacenter Edition Itanium SP1 Beta 1 Microsoft Windows Server 2003 Datacenter Edition Itanium SP1 Microsoft Windows Server 2003 Datacenter Edition Itanium 0 Microsoft Windows Server 2003 Datacenter Edition SP1 Beta 1 Microsoft Windows Server 2003 Datacenter Edition SP1 Microsoft Windows Server 2003 Datacenter Edition Microsoft Windows 2000 Server SP4 Microsoft Windows 2000 Server SP3 Microsoft Windows 2000 Server SP2 Microsoft Windows 2000 Server SP1 Microsoft Windows 2000 Server + Avaya DefinityOne Media Servers + Avaya IP600 Media Servers + Avaya S3400 Message Application Server + Avaya S8100 Media Servers Microsoft Windows 2000 Professional SP4 Microsoft Windows 2000 Professional SP3 Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional Microsoft Windows 2000 Datacenter Server SP4 Microsoft Windows 2000 Datacenter Server SP3 Microsoft Windows 2000 Datacenter Server SP2 Microsoft Windows 2000 Datacenter Server SP1 Microsoft Windows 2000 Datacenter Server Microsoft Windows 2000 Advanced Server SP4 Microsoft Windows 2000 Advanced Server SP3 Microsoft Windows 2000 Advanced Server SP2 Microsoft Windows 2000 Advanced Server SP1 Microsoft Windows 2000 Advanced Server 3DM Software Disk Management Software SP2 3DM Software Disk Management Software SP1 厂商解决方案 用户可参考如下补丁程序: Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Security Update for Windows Server 2008 (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=91f6ee68-0e39 -4ec3-b4cd-45f05404e2fb Microsoft Windows XP Tablet PC Edition SP2 Microsoft Security Update for Windows XP (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=6914167b-6961 -480c-a4d4-808cd58a035b Microsoft Windows XP Media Center Edition SP3 Microsoft Security Update for Windows XP (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=6914167b-6961 -480c-a4d4-808cd58a035b Microsoft Windows Server 2003 Web Edition SP2 Microsoft Security Update for Windows Server 2003 (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=018ef53d-f78e -4084-940d-7c86bf59d83c Microsoft Windows XP Professional x64 Edition SP2 Microsoft Security Update for Windows XP x64 Edition (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=3b8b019e-e6d8 -4ce2-8f1f-3a6399b252d1 Microsoft Windows Vista x64 Edition SP1 Microsoft Security Update for Windows Vista for x64-based Systems (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=3f8ae651-59f7 -48e1-9e8c-8e07c6806964 Microsoft Windows Server 2008 for x64-based Systems 0 Microsoft Security Update for Windows Server 2008 x64 Edition (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=5cdc3014-97b3 -47b5-a6b7-cd0e12ec60e4 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Security Update for Windows Server 2008 for Itanium-based Systems (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=03330a14-9cfa -4146-a3d3-4b7a76975d2d Microsoft Windows 2000 Advanced Server SP4 Microsoft Security Update for Windows 2000 (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=1efbbd95-cd72 -43df-b1ce-7e2b0c0cb9e2 Microsoft Windows Server 2003 Standard Edition SP2 Microsoft Security Update for Windows Server 2003 (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=018ef53d-f78e -4084-940d-7c86bf59d83c Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Security Update for Windows Server 2008 x64 Edition (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=5cdc3014-97b3 -47b5-a6b7-cd0e12ec60e4 Microsoft Windows Server 2003 Itanium SP2 Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=7df0fce2-543c -4e82-85e6-012bfc8bf130 Microsoft Windows Server 2008 for Itanium-based Systems 0 Microsoft Security Update for Windows Server 2008 for Itanium-based Systems (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=03330a14-9cfa -4146-a3d3-4b7a76975d2d Microsoft Windows Vista x64 Edition SP2 Microsoft Security Update for Windows Vista for x64-based Systems (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=3f8ae651-59f7 -48e1-9e8c-8e07c6806964 Microsoft Windows 2000 Professional SP4 Microsoft Security Update for Windows 2000 (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=1efbbd95-cd72 -43df-b1ce-7e2b0c0cb9e2 Microsoft Windows XP Media Center Edition SP2 Microsoft Security Update for Windows XP (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=6914167b-6961 -480c-a4d4-808cd58a035b Microsoft Windows Vista x64 Edition 0 Microsoft Security Update for Windows Vista for x64-based Systems (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=3f8ae651-59f7 -48e1-9e8c-8e07c6806964 Microsoft Windows Server 2003 Datacenter x64 Edition SP2 Microsoft Security Update for Windows Server 2003 x64 Edition (KB961371) http://www.microsoft.com/downloads/details.aspx?familyid=7f5fc902-f5d8 -4a87-a73f-68632f9a0935