Research In Motion Blackberry TeamOn Import Object ActiveX控件缓冲区溢出漏洞

漏洞信息详情

Research In Motion Blackberry TeamOn Import Object ActiveX控件缓冲区溢出漏洞

• CNNVD编号：CNNVD-200705-096
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2007-0323
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2007-05-08
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2007-05-09
  
• 厂        商：
  
  rim
• 漏洞来源：
  This issue was dis…

Research In Motion (RIM) TeamOn Import Object ActiveX控件(TOImport.dll)的SetLanguage函数中存在缓冲区溢出漏洞。远程攻击者可以借助未明向量，执行任意代码。

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：

http://www.microsoft.com/downloads/details.aspx?familyid=0F173D60-6FD0-4C92-BB2A-A7A78707E35F&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=1944BCFA-B0BC-4BD5-9089-A618EA43EA49&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=404A48A2-5765-4AFA-94BF-E97212AA14EF&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=7A778D93-9D85-4217-8CC0-5C494D954CA0&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=29938ED4-F8BB-4793-897C-966BA7F4830C&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=0C65FAD3-BAAE-46C4-B453-84CF28B15F50&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=74AFEA3D-79DF-4B64-BF30-B8E5C55CAB2B&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=67AE3381-16B2-4B34-B95C-69EE7D58B357&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=03FC8E0C-DEC5-48D1-9A34-3B639F185F7D&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=D249089D-BB8E-4B86-AB8E-18C52844ACB2&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=D52C0AFD-CC3A-4A5C-B91B-E006D497BC26&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=94B83BDD-2BD1-43E4-BABF-68135D253293&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=EFC6BE04-0D6B-4639-8485-DA1525F6BC52&displaylang=en

http://www.microsoft.com/downloads/details.aspx?familyid=A077BE20-C379-4386-B478-80197A4A4ABC&displaylang=en

来源: VU#869641

名称: VU#869641

链接:http://www.kb.cert.org/vuls/id/869641

来源: TA07-128A

名称: TA07-128A

链接:http://www.us-cert.gov/cas/techalerts/TA07-128A.html

来源: MS

名称: MS07-027

链接:http://www.microsoft.com/technet/security/Bulletin/MS07-027.mspx

来源: OSVDB

名称: 35873

链接:http://osvdb.org/35873

来源: XF

名称: rim-toimport-activex-bo(34182)

链接:http://xforce.iss.net/xforce/xfdb/34182

来源: BID

名称: 23331

链接:http://www.securityfocus.com/bid/23331

来源: HP

名称: SSRT071422

链接: http://www.securityfocus.com/archive/1/archive/1/468871/100/200/threaded

来源: VUPEN

名称: ADV-2007-1716

链接:http://www.frsirt.com/english/advisories/2007/1716

来源: www.blackberry.com

链接:http://www.blackberry.com/btsc/articles/74/KB13142_f.SAL_Public.html

来源: SECUNIA

名称: 25218

链接:http://secunia.com/advisories/25218