Microsoft Windows动画光标ANI格式处理远程代码执行漏洞

基本字段

漏洞编号：: SSV-1586

披露/发现时间：: 未知

提交时间：: 2007-04-03

漏洞等级：

漏洞类别：: 嵌入恶意代码

影响组件：: Windows

漏洞作者：: 未知

提交者：: Knownsec

CVE-ID：: 补充

CNNVD-ID：: 补充

CNVD-ID：: 补充

ZoomEye Dork：: 补充

来源

漏洞详情

贡献者 Knownsec 共获得 0KB

Microsoft Internet Explorer是一款流行的WEB浏览器，Microsoft Windows是一款流行的操作系统。 Microsoft Windows在处理畸形的动画图标文件(.ani)时存在缓冲区溢出问题，远程攻击者可利用此漏洞以当前用户进程权限执行任意指令。 Microsoft Windows在处理畸形动画光标文件(.ani)时没有正确地验证ANI头字段中所指定的大小，可导致基于栈溢出漏洞。攻击者可以构建恶意WEB页或者包含ANI文件的EMAIL消息来触发，就会触发这个溢出，导致执行任意代码。Windows资源管理器也会处理一些文件扩展名的ANI文件，如.ani、.cur、. ico等。目前该漏洞正在被名为TROJ_ANICMOO.AX的木马大量利用。 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Professional SP2 Microsoft Windows XP Media Center Edition SP2 Microsoft Windows XP Home SP2 Microsoft Windows Vista December CTP Microsoft Windows Vista Ultimate Microsoft Windows Vista Home Premium Microsoft Windows Vista Home Basic Microsoft Windows Vista Enterprise Microsoft Windows Vista Business Microsoft Windows Vista beta 2 Microsoft Windows Vista Beta 1 Microsoft Windows Vista Beta Microsoft Windows Vista 0 Microsoft Windows Server 2003 Web Edition SP1 Beta 1 Microsoft Windows Server 2003 Web Edition SP1 Microsoft Windows Server 2003 Web Edition Microsoft Windows Server 2003 Standard x64 Edition Microsoft Windows Server 2003 Standard Edition SP1 Beta 1 Microsoft Windows Server 2003 Standard Edition SP1 Microsoft Windows Server 2003 Standard Edition Microsoft Windows Server 2003 Enterprise x64 Edition Microsoft Windows Server 2003 Enterprise Edition Itanium SP1 Beta 1 Microsoft Windows Server 2003 Enterprise Edition Itanium SP1 Microsoft Windows Server 2003 Enterprise Edition Itanium 0 Microsoft Windows Server 2003 Enterprise Edition SP1 Beta 1 Microsoft Windows Server 2003 Enterprise Edition SP1 Microsoft Windows Server 2003 Enterprise Edition Microsoft Windows Server 2003 Datacenter x64 Edition Microsoft Windows Server 2003 Datacenter Edition Itanium SP1 Beta 1 Microsoft Windows Server 2003 Datacenter Edition Itanium SP1 Microsoft Windows Server 2003 Datacenter Edition Itanium 0 Microsoft Windows Server 2003 Datacenter Edition SP1 Beta 1 Microsoft Windows Server 2003 Datacenter Edition SP1 Microsoft Windows Server 2003 Datacenter Edition Microsoft Windows Mail 0 Microsoft Windows 2000 Server Japanese Edition Microsoft Windows 2000 Server SP4 Microsoft Windows 2000 Server SP3 Microsoft Windows 2000 Server SP2 Microsoft Windows 2000 Server SP1 Microsoft Windows 2000 Server + Avaya DefinityOne Media Servers + Avaya IP600 Media Servers + Avaya S3400 Message Application Server + Avaya S8100 Media Servers Microsoft Windows 2000 Professional SP4 Microsoft Windows 2000 Professional SP3 Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional Microsoft Windows 2000 Datacenter Server SP4 Microsoft Windows 2000 Datacenter Server SP3 Microsoft Windows 2000 Datacenter Server SP2 Microsoft Windows 2000 Datacenter Server SP1 Microsoft Windows 2000 Datacenter Server Microsoft Windows 2000 Advanced Server SP4 Microsoft Windows 2000 Advanced Server SP3 Microsoft Windows 2000 Advanced Server SP2 Microsoft Windows 2000 Advanced Server SP1 Microsoft Windows 2000 Advanced Server Microsoft Outlook Express 6.0 SP2 Microsoft Outlook Express 6.0 SP1 + Microsoft Windows XP 64-bit Edition SP1 + Microsoft Windows XP Home SP1 + Microsoft Windows XP Professional SP1 Microsoft Outlook Express 6.0 + Microsoft Windows Server 2003 Datacenter Edition + Microsoft Windows Server 2003 Datacenter Edition Itanium 0 + Microsoft Windows Server 2003 Enterprise Edition + Microsoft Windows Server 2003 Enterprise Edition Itanium 0 + Microsoft Windows Server 2003 Standard Edition + Microsoft Windows Server 2003 Web Edition + Microsoft Windows XP Home + Microsoft Windows XP Media Center Edition + Microsoft Windows XP Professional + Microsoft Windows XP Tablet PC Edition Microsoft Internet Explorer 6.0 SP2 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 - Citrix ICA Client for Windows 4.0 SP6a - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows 2000 Server - Microsoft Windows 2000 Terminal Services SP2 - Microsoft Windows 2000 Terminal Services SP2 - Microsoft Windows 2000 Terminal Services SP1 - Microsoft Windows 2000 Terminal Services SP1 - Microsoft Windows 2000 Terminal Services - Microsoft Windows 2000 Terminal Services - Microsoft Windows 98 - Microsoft Windows 98 - Microsoft Windows 98SE - Microsoft Windows 98SE - Microsoft Windows ME - Microsoft Windows ME - Microsoft Windows NT 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6a + Microsoft Windows Server 2003 Datacenter Edition + Microsoft Windows Server 2003 Datacenter Edition + Microsoft Windows Server 2003 Datacenter Edition Itanium 0 + Microsoft Windows Server 2003 Enterprise Edition + Microsoft Windows Server 2003 Enterprise Edition + Microsoft Windows Server 2003 Enterprise Edition Itanium 0 + Microsoft Windows Server 2003 Enterprise Edition Itanium 0 + Microsoft Windows Server 2003 Standard Edition + Microsoft Windows Server 2003 Standard Edition + Microsoft Windows Server 2003 Web Edition + Microsoft Windows Server 2003 Web Edition + Microsoft Windows XP Home + Microsoft Windows XP Home + Microsoft Windows XP Professional + Microsoft Windows XP Professional Microsoft Internet Explorer 7.0 + Microsoft Windows Vista Ultimate + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Business + Microsoft Windows Vista 0 + Microsoft Windows Vista 0 目前没有解决方案提供，请关注以下链接： <a href=\"http://www.microsoft.com/\" target=\"_blank\">http://www.microsoft.com/</a> V-A.D.Lab建议您：　　目前微软还没有提供补丁或者升级程序，请您随时关注厂商的补丁更新，及时下载补丁。未安装补丁之前，请您采用以下几种措施防范该漏洞可能带来的危害： 1.禁用预览栏； 2.以纯文本格式读取邮件； 3.配置Windows资源管理器使用Windows传统风格的文件夹：打开Windows资源管理器，在“工具”菜单中选择“文件夹”选项，在“任务”部分选择“使用 Windows传统风格的文件夹”。

共 0 兑换了

PoC (非 pocsuite 插件)

贡献者 Knownsec 共获得 0.1KB

共 1 兑换

参考链接

解决方案

临时解决方案

官方解决方案

防护方案

※本站提供的任何内容、代码与服务仅供学习，请勿用于非法用途，否则后果自负

Microsoft Windows动画光标ANI格式处理远程代码执行漏洞

基本字段

来源

漏洞详情

PoC (非 pocsuite 插件)

参考链接

解决方案

生命线

相关漏洞

评论前需绑定手机现在绑定

暂无评论

Microsoft Windows动画光标ANI格式处理远程代码执行漏洞

基本字段

来源

漏洞详情

PoC (非 pocsuite 插件)

参考链接

解决方案

生命线

相关漏洞

评论前需绑定手机 现在绑定

暂无评论

您好，

您好，

评论前需绑定手机现在绑定