pioneer
超级版主
积分 4563
发帖 4545
注册 2007-7-16
来自 BJ
|
#1 Autonomy Keyview SDK Lotus 1-2-3 File Viewer缓冲溢出
来源
secunia.com
软件名
Verity KeyView Viewer SDK 9.x
Verity KeyView Viewer SDK 8.x
Verity KeyView Viewer SDK 7.x
Verity KeyView Filter SDK 9.x
Verity KeyView Filter SDK 8.x
Verity KeyView Filter SDK 7.x
Verity KeyView Export SDK 9.x
Verity KeyView Export SDK 8.x
Verity KeyView Export SDK 7.x
Autonomy KeyView Export SDK 10.x
Autonomy KeyView Filter SDK 10.x
Autonomy KeyView Viewing SDK 10.x
描述
这可恶意危害用户系统
Lotus 1-2-3 file viewer (l123sr.dll)中的越界访问错误,可通过欺骗用户浏览特定的SRANGE记录类型的恶意Lotus 1-2-3文件导致缓冲溢出
溢出成功后可执行任意代码
解决方案
已经有补丁可供更新(联系厂商)
| |
※文章所有权归【pioneer】与【东方微点论坛】共同所有,转载请注明出处!※
|
 |
|
