CVE-2012-0003
Microsoft Windows是微软发布的非常流行的操作系统。Windows Media Player是系统的多媒体播放组件。
WMP在处理畸形结构的MIDI数据时存在内存破坏漏洞。远程攻击者可利用该漏洞通过诱使用户访问恶意网页控制用户系统。
0
Microsoft Windows XP Professional
Microsoft Windows XP Home Edition
Microsoft Windows Vista
Microsoft Windows Storage Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows 7
临时解决方法:
厂商补丁:
Microsoft已经为此发布了一个安全公告(MS12-004)以及相应补丁:
MS12-004:Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)
链接:http://www.microsoft.com/technet/security/bulletin/MS12-004.asp
http://sebug.net/vuldb/ssvid-30051
http://www.rec-sec.com/exploits/msf/ie_iepeers_pointer.rb