ðòïåëôù 

  áòèé÷ 

Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

  óôáôøé 

  ðåòóïîáìøîïå 

  ðòïçòáííù 

ðéûéôå
ðéóøíá














     áòèé÷ :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: [SA20605] Microsoft Windows ART Image Handling Buffer Overflow

> 
> TITLE:
> Microsoft Windows ART Image Handling Buffer Overflow
> 
> SECUNIA ADVISORY ID:
> SA20605
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/20605/
> 
> CRITICAL:
> Highly critical
> 
> IMPACT:
> System access
> 
> WHERE:
> From remote
> 
> OPERATING SYSTEM:
> Microsoft Windows XP Professional
> http://secunia.com/product/22/
> Microsoft Windows XP Home Edition
> http://secunia.com/product/16/
> Microsoft Windows Server 2003 Web Edition
> http://secunia.com/product/1176/
> Microsoft Windows Server 2003 Standard Edition
> http://secunia.com/product/1173/
> Microsoft Windows Server 2003 Enterprise Edition
> http://secunia.com/product/1174/
> Microsoft Windows Server 2003 Datacenter Edition
> http://secunia.com/product/1175/
> Microsoft Windows 2000 Server
> http://secunia.com/product/20/
> Microsoft Windows 2000 Professional
> http://secunia.com/product/1/
> Microsoft Windows 2000 Datacenter Server
> http://secunia.com/product/1177/
> Microsoft Windows 2000 Advanced Server
> http://secunia.com/product/21/
> 
> DESCRIPTION:
> A vulnerability has been reported in Microsoft Windows, which can be
> exploited by malicious people to compromise a user's system.
> 
> The vulnerability is caused due to a boundary error within the
> handling of the ART image file format. This can be exploited to cause
> a heap-based buffer overflow when the user views a malicious web site,
> which contains a specially crafted ART image, using Internet Explorer
> or opens a HTML e-mail message containing the image.
> 
> Successful exploitation allows arbitrary code execution.
> 
> SOLUTION:
> Apply patches.
> 
> Microsoft Windows 2000 SP4 (with Internet Explorer 5.01 SP4):
> http://www.microsoft.com/downloads/details.aspx?FamilyId=AE6D8
> DA7-B170-416D-8812-265FFA757301
> 
> Microsoft Windows 2000 SP4 (with Internet Explorer 6 SP1):
> http://www.microsoft.com/downloads/details.aspx?FamilyId=F6328
> F82-457E-44CB-95FB-2DB0E8C9EE3C
> 
> Microsoft Windows XP SP1:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=F6328
> F82-457E-44CB-95FB-2DB0E8C9EE3C
> 
> Microsoft Windows XP SP2:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=71022
> EA1-94CB-4FE9-B89E-46876D068B9A
> 
> Microsoft Windows XP Professional x64 Edition:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=A3865
> 23E-96AB-43ED-B189-E13AF497B685
> 
> Microsoft Windows Server 2003:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=56DF0
> CF2-9214-4B23-9034-C59E8B7126D6
> 
> Microsoft Windows Server 2003 for Itanium-based systems:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=5E1B9
> 5C3-7E75-4468-829C-1DC7B4ECE5D0
> 
> Microsoft Windows Server 2003 x64 Edition:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=4DC13
> B7C-01AB-4BB6-9766-0FE0D02E410D
> 
> Windows 98, Windows 98 SE, or Windows ME:
> Patches are available via the Microsoft Update web site or the
> Windows Update web site.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Discovered by an anonymous person and reported via iDEFENSE.
> 
> ORIGINAL ADVISORY:
> MS06-022 (KB918439):
> http://www.microsoft.com/technet/security/Bulletin/MS06-022.mspx
> 
> iDefense Labs:
> http://idefense.com/intelligence/vulnerabilities/display.php?id=407
>

 



Copyright © Lexa Software, 1996-2009.