Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote Buffer Overflow
2015年7月21日
危険度: : 中
CVE識別番号: CVE-2008-0623,CVE-2008-0624,CVE-2008-0625
概要
Multiple buffer overflow vulnerabilities exist in Yahoo! Music Jukebox. These vulnerabilities are caused due to boundary errors within the Yahoo! Music Jukebox ActiveX Control. A remote attack can exploit these vulnerabilities by enticing the target user to open a crafted webpage, potentially causing arbitrary code to be injected and executed in the security context of the current user.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1001424
Trend Micro Deep Security DPI Rule Name: 1001424 - Microsoft Internet Explorer Yahoo! Music Jukebox AddBitmap & AddButton ActiveX Remote Buffer Overflow
影響を受けるソフトウェア
- Microsoft Internet Explorer