| CNNVD-ID编号 | CNNVD-200907-253 | CVE编号 | CVE-2009-0232 |
| 发布时间 | 2009-07-15 | 更新时间 | 2019-04-02 |
| 漏洞类型 | 数字错误 | 漏洞来源 | N/A |
| 危险等级 | 超危 | 威胁类型 | 远程 |
| 厂商 | microsoft | ||
Microsoft Windows是微软发布的非常流行的操作系统 。
Microsoft Windows的嵌入式OpenType(EOT)字体引擎组件解析特定嵌入式字体中数据记录的方式存在堆溢出漏洞,解析特定嵌入式字体中名称表格的方式存在整数溢出漏洞。如果用户受骗访问了恶意网站并查看了用特制EOT字体所呈现的内容的话,就可以触发上述溢出。成功利用此漏洞的攻击者可以完全控制受影响的系统。
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Microsoft Windows Server 2008 for 32-bit Systems SP2
Microsoft Security Update for Windows Server 2008 (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=91f6ee68-0e39 -4ec3-b4cd-45f05404e2fb
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Security Update for Windows XP (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=6914167b-6961 -480c-a4d4-808cd58a035b
Microsoft Windows XP Media Center Edition SP3
Microsoft Security Update for Windows XP (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=6914167b-6961 -480c-a4d4-808cd58a035b
Microsoft Windows Server 2003 Web Edition SP2
Microsoft Security Update for Windows Server 2003 (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=018ef53d-f78e -4084-940d-7c86bf59d83c
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Security Update for Windows XP x64 Edition (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=3b8b019e-e6d8 -4ce2-8f1f-3a6399b252d1
Microsoft Windows Vista x64 Edition SP1
Microsoft Security Update for Windows Vista for x64-based Systems (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=3f8ae651-59f7 -48e1-9e8c-8e07c6806964
Microsoft Windows Server 2008 for x64-based Systems 0
Microsoft Security Update for Windows Server 2008 x64 Edition (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=5cdc3014-97b3 -47b5-a6b7-cd0e12ec60e4
Microsoft Windows Server 2008 for Itanium-based Systems SP2
Microsoft Security Update for Windows Server 2008 for Itanium-based Systems (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=03330a14-9cfa -4146-a3d3-4b7a76975d2d
Microsoft Windows 2000 Advanced Server SP4
Microsoft Security Update for Windows 2000 (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=1efbbd95-cd72 -43df-b1ce-7e2b0c0cb9e2
Microsoft Windows Server 2003 Standard Edition SP2
Microsoft Security Update for Windows Server 2003 (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=018ef53d-f78e -4084-940d-7c86bf59d83c
Microsoft Windows Server 2008 for x64-based Systems SP2
Microsoft Security Update for Windows Server 2008 x64 Edition (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=5cdc3014-97b3 -47b5-a6b7-cd0e12ec60e4
Microsoft Windows Server 2003 Itanium SP2
Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=7df0fce2-543c -4e82-85e6-012bfc8bf130
Microsoft Windows Server 2008 for Itanium-based Systems 0
Microsoft Security Update for Windows Server 2008 for Itanium-based Systems (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=03330a14-9cfa -4146-a3d3-4b7a76975d2d
Microsoft Windows Vista x64 Edition SP2
Microsoft Security Update for Windows Vista for x64-based Systems (KB961371)
http://www.microsoft.com/downloads/details.aspx?familyid=3f8ae651-59f7 -48e1-9e8c-8e07c6806964
计算
安全
数据库
网络和加速
企业服务
