Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability
Gravité: : Critique
Identifiant(s) CVE: : CVE-2009-1929
Date du conseil: 21 juillet 2015
Description
Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability."
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1003681
Trend Micro Deep Security DPI Rule Name: 1003681 - Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability
Affected software and version:
- microsoft windows_2003_server sp2
- microsoft windows_server_2008
- microsoft windows_server_2008 -
- microsoft windows_vista
- microsoft windows_vista -
- microsoft windows_xp
- microsoft windows_xp -