漏洞信息详情

Microsoft Visio Memory Validation 内存验证漏洞

  • CNNVD编号:CNNVD-200804-111
  • 危害等级: 超危
  • CVE编号: CVE-2008-1090
  • 漏洞类型: 资源管理错误
  • 发布时间: 2008-04-08
  • 威胁类型: 远程
  • 更新时间: 2009-03-04
  • 厂        商: microsoft
  • 漏洞来源: The vendor disclos...

漏洞简介

Microsoft Visio 2002 SP2,2003 SP2和SP3,以及2007到SP1存在未明漏洞。用户协助式远程攻击者借助一个特制的.DXF文件,执行任意代码。该漏洞又称\"Visio内存验证漏洞\"。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:

Microsoft Visio 2002 SP2

Microsoft Security Update for Microsoft Visio 2002 (KB947896)

http://www.microsoft.com/downloads/details.aspx?FamilyId=0056a936-def5 -40fa-bcfc-0ab0dd5c3964&displaylang=en

Microsoft Visio 2003 SP3

Microsoft Security Update for Microsoft Office Visio 2003 (KB947650)

http://www.microsoft.com/downloads/details.aspx?FamilyId=18af0ce6-99a0 -4471-8d26-9700a8a8e631&displaylang=en

Microsoft Visio 2007 0

Microsoft Security Update for Microsoft Office Visio 2007 (KB947590) - English

http://www.microsoft.com/downloads/details.aspx?FamilyId=0510a1bb-b464 -452c-900f-7f4e58ed9c7e&displaylang=en

Microsoft Visio 2007 SP1

Microsoft Security Update for Microsoft Office Visio 2007 (KB947590) - English

http://www.microsoft.com/downloads/details.aspx?FamilyId=0510a1bb-b464 -452c-900f-7f4e58ed9c7e&displaylang=en

Microsoft Visio 2003 SP2

Microsoft Security Update for Microsoft Office Visio 2003 (KB947650)

http://www.microsoft.com/downloads/details.aspx?FamilyId=18af0ce6-99a0 -4471-8d26-9700a8a8e631&displaylang=en

参考网址

来源: BID

名称: 28556

链接:http://www.securityfocus.com/bid/28556

来源: MS

名称: MS08-019

链接:http://www.microsoft.com/technet/security/Bulletin/MS08-019.mspx

来源: SECUNIA

名称: 29691

链接:http://secunia.com/advisories/29691

来源: XF

名称: visio-file-code-execution(41452)

链接:http://xforce.iss.net/xforce/xfdb/41452

来源: SECTRACK

名称: 1019804

链接:http://www.securitytracker.com/id?1019804

来源: VUPEN

名称: ADV-2008-1143

链接:http://www.frsirt.com/english/advisories/2008/1143/references

来源: OVAL

名称: oval:org.mitre.oval:def:5344

链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5344

来源: HP

名称: SSRT080048

链接:http://marc.info/?l=bugtraq&m=120845064910729&w=2

补丁

    暂无

漏洞信息快速查询

相关漏洞

更多