Microsoft Windows Briefcase Integer Overflow Vulnerability (CVE-2012-1528)
危険度: 緊急
CVE識別番号: CVE-2012-1528,MS12-072
情報公開日: 7 21, 2015
概要
Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka "Windows Briefcase Integer Overflow Vulnerability."
nvd: Per: http://technet.microsoft.com/security/bulletin/MS12-072
"A remote code execution vulnerability exists in the Briefcase feature in Windows. An attacker could exploit the vulnerability by convincing a user to open a specially crafted briefcase.....The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message."
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1005243
Trend Micro Deep Security DPI Rule Name: 1005243 - Microsoft Windows Briefcase Integer Overflow Vulnerability (CVE-2012-1528)
影響を受けるソフトウェア
- microsoft windows_7
- microsoft windows_8 -
- microsoft windows_server_2003
- microsoft windows_server_2008
- microsoft windows_server_2008 r2
- microsoft windows_server_2012 -
- microsoft windows_vista
- microsoft windows_xp
- microsoft windows_xp -