MS12-060:Windows コモン コントロールの脆弱性により、リモートでコードが実行される (2720573)
2012年8月15日
危険度: : 緊急
CVE識別番号: CVE-2012-1856
概要
This update resolves a vulnerability in MSCOMCTL.OCX, which is found in a host of Microsoft products. When successfully exploited, the vulnerability allows an attacker to remotely execute any code on the vulnerable system. Some of the affected MS products are:
- MS Visual FoxPro
- MS Commerce Server
- MS SQL Server
- MS Office
トレンドマイクロの対策
詳しい情報については以下のサイトをご参照ください。
影響を受けるソフトウェア
- Microsoft Office 2003 Service Pack 3
- Microsoft Office 2003 Web Components Service Pack 3
- Microsoft Office 2007 Service Pack 2
- Microsoft Office 2007 Service Pack 3
- Microsoft Office 2010 Service Pack 1 (32-bit Editions)
- Microsoft SQL Server 2000 Service Pack 4
- Microsoft SQL Server 2005 Express Edition with Advanced Services Service Pack 4 (Microsoft SQL Server 2000)
- Microsoft SQL Server 2005 for x64-based Systems Service Pack 4 (Microsoft SQL Server 2000)
- Microsoft SQL Server 2008 for 32-bit Systems Service Pack 3 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 for x64-based Systems Service Pack 3 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 2 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 3 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for 32-bit Systems (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for Itanium-based Systems Service Pack 2 (Microsoft SQL Server 2008)
- Microsoft Commerce Server 2002 Service Pack 4
- Microsoft SQL Server 2000 Analysis Services Service Pack 4 (Microsoft SQL Server 2000)
- Microsoft SQL Server 2005 for 32-bit Systems Service Pack 4 (Microsoft SQL Server 2000)
- Microsoft SQL Server 2005 for Itanium-based Systems Service Pack 4 (Microsoft SQL Server 2000)
- Microsoft SQL Server 2008 for 32-bit Systems Service Pack 2 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 for x64-based Systems Service Pack 2 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for 32-bit Systems Service Pack 1 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for 32-bit Systems Service Pack 2 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for x64-based Systems (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for x64-based Systems Service Pack 1 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for x64-based Systems Service Pack 2 (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for Itanium-based Systems (Microsoft SQL Server 2008)
- Microsoft SQL Server 2008 R2 for Itanium-based Systems Service Pack 1 (Microsoft SQL Server 2008)
- Microsoft Commerce Server 2007 Service Pack 2
- Microsoft Commerce Server 2009
- Microsoft Commerce Server 2009 R2
- Microsoft Host Integration Server 2004 Service Pack 1
- Microsoft Visual FoxPro 8.0 Service Pack 1
- Microsoft Visual FoxPro 9.0 Service Pack 2
- Visual Basic 6.0 Runtime