Lucene search
RootSSV:60428HistoryOct 11, 2012 - 12:00 a.m.
Microsoft Word RTF文件释放后重用远程代码执行漏洞(MS12-064)
2012-10-1100:00:00
Root
www.seebug.org
15
EPSS
0.908
Percentile
98.9%
BUGTRAQ ID: 55781
CVE(CAN) ID: CVE-2012-2528
Microsoft Word属于办公软件是微软公司的一个文字处理器应用程序。
Microsoft Office处理特制RTF文件时存在远程代码执行漏洞,成功利用此漏洞的攻击者可完全控制受影响系统。
0
Microsoft Word 2010
Microsoft Word 2007
Microsoft Word 2003
Microsoft Office SharePoint Server 2010
Microsoft Office Web Apps 2010 SP1
Microsoft Office Web Apps 2010 0
Microsoft Office Compatibility Pack SP3
Microsoft Office Compatibility Pack SP2
临时解决方法:
如果您不能立刻安装补丁或者升级,建议您采取以下措施以降低威胁:
-
以纯文本方式读取电子邮件
-
使用Microsoft Office File Block策略阻止打开来自未知或可疑源和位置的RTF文档。
厂商补丁:
Microsoft
Microsoft已经为此发布了一个安全公告(MS12-064)以及相应补丁:
MS12-064:Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319)
链接:http://www.microsoft.com/technet/security/bulletin/MS12-064.asp
Related
checkpoint_advisories
checkpoint_advisories
cvelist
cvelist
CVE-2012-2528
2012-10-09 21:00:00
nvd
nvd
CVE-2012-2528
2012-10-09 21:55:02
prion
prion
Design/Logic Flaw
2012-10-09 21:55:00
cve
cve
CVE-2012-2528
2012-10-09 21:55:02
mskb
mskb
securityvulns
securityvulns
Microsoft Word security vulnerabilities
2012-10-09 00:00:00
openvas
openvas
Microsoft Office Word Remote Code Execution Vulnerabilities (2742319)
2012-10-10 00:00:00
nessus
nessus