Lucene search
RootSSV:19453HistoryApr 14, 2010 - 12:00 a.m.
Microsoft Windows Authenticode Signature Verification远程代码执行漏洞(MS10-019)
2010-04-1400:00:00
Root
www.seebug.org
20
0.434 Medium
EPSS
Percentile
97.4%
BUGTRAQ ID: 39328
CVE ID: CVE-2010-0486
Windows Authenticode Signature Verification功能也称为WinVerifyTrust,用于对指定的对象执行信任验证操作。
Windows Authenticode Signature Verification功能在处理PE和cabinet文件格式的某些文件digest字段时存在错误。匿名攻击者可以通过修改已有的签名可执行文件以篡改签名文件的未验证部分来利用此漏洞,从而无需使签名失效便向文件添加恶意代码。成功利用此漏洞的攻击者可以完全控制受影响的系统。
Microsoft Authenticode Signature Verification 6.1
Microsoft Authenticode Signature Verification 6.0
Microsoft Authenticode Signature Verification 5.1
厂商补丁:
Microsoft
Microsoft已经为此发布了一个安全公告(MS10-019)以及相应补丁:
MS10-019:Vulnerabilities in Windows Could Allow Remote Code Execution (981210)
链接:http://www.microsoft.com/technet/security/bulletin/MS10-019.mspx?pf=true
http://sebug.net/exploit/19450/
Related
nvd
nvd
CVE-2010-0486
2010-04-14 16:00:01
cve
cve
CVE-2010-0486
2010-04-14 16:00:01
prion
prion
Input validation
2010-04-14 16:00:00
cvelist
cvelist
CVE-2010-0486
2010-04-14 15:44:00
openvas
openvas
securityvulns
securityvulns
nessus
nessus