Microsoft Windows Briefcase Integer Underflow Vulnerability (CVE-2012-1527)
2015年7月21日
危険度: : 緊急
CVE識別番号: CVE-2012-1527,MS12-072
概要
Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka "Windows Briefcase Integer Underflow Vulnerability."
nvd: Per: http://technet.microsoft.com/en-us/security/bulletin/ms12-072
"A remote code execution vulnerability exists in the Briefcase feature in Windows. An attacker could exploit the vulnerability by convincing a user to open a specially crafted briefcase.....The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message."
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1005238
Trend Micro Deep Security DPI Rule Name: 1005238 - Microsoft Windows Briefcase Integer Underflow Vulnerability (CVE-2012-1527)
影響を受けるソフトウェア
- microsoft windows_7
- microsoft windows_8 -
- microsoft windows_server_2003
- microsoft windows_server_2008
- microsoft windows_server_2008 r2
- microsoft windows_server_2012 -
- microsoft windows_vista
- microsoft windows_xp
- microsoft windows_xp -