Trend Micro Security

Office BMP Integer Overflow Vulnerability

2015年7月21日
  危険度: : 緊急
  CVE識別番号: CVE-2009-2518,MS09-062

  概要

Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote attackers to execute arbitrary code via an Office document with a bitmap (aka BMP) image that triggers memory corruption, aka "Office BMP Integer Overflow Vulnerability."

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1003759
  Trend Micro Deep Security DPI Rule Name: 1003759 - Office BMP Integer Overflow Vulnerability

  影響を受けるソフトウェア

  • Microsoft Works 8.5
  • Microsoft Windows XP
  • Microsoft Windows Vista
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2000
  • Microsoft Windows 2003 Server
  • Microsoft SQL Server 2005
  • Microsoft Report Viewer 2008
  • Microsoft Report Viewer 2005
  • Microsoft Office XP SP3
  • Microsoft Office Word Viewer 2003
  • Microsoft Office Visio 2002
  • Microsoft Office Project 2002
  • Microsoft Office Powerpoint 2007
  • Microsoft Office Groove 2007
  • Microsoft Office Excel Viewer 2003
  • Microsoft Compatibility Pack Word Excel Powerpoint 2007
  • Microsoft Office 2003
  • Microsoft Forefront Client Security 1.0
  • Microsoft Internet Explorer 6
  • Microsoft 2007 Office System SP2
  • Microsoft 2007 Office System SP1
  • Microsoft .NET Framework 2.0
  • Microsoft .NET Framework 1.1