漏洞信息详情
Microsoft Windows GDI ‘EMR_COLORMATCHTOTARGETW’ 栈溢出漏洞
- CNNVD编号:CNNVD-200804-108
- 危害等级: 超危
![图片[1]-Microsoft Windows GDI ‘EMR_COLORMATCHTOTARGETW’ 栈溢出漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-09-08/c4e67a37c54aee8c0e1983d8333a9158.png)
- CVE编号:
CVE-2008-1087
- 漏洞类型:
缓冲区溢出
- 发布时间:
2008-04-08
- 威胁类型:
远程
- 更新时间:
2009-03-04
- 厂 商:
microsoft - 漏洞来源:
Yamata Li -
漏洞简介
Microsoft Windows 2000 SP4,XP SP2,Server 2003 SP1和SP2,Vista,以及Server 2008中的GDI存在栈缓冲区溢出漏洞。远程攻击者借助一个带有特制的文件名参数的EMF图像,执行任意代码。该漏洞又称\”GDI栈缓冲区溢出漏洞\” 。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Microsoft Windows Server 2003 Datacenter Edition SP1
Microsoft Security Update for Windows Server 2003 (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=bee91d80-d49a -4d3d-82d6-d5aa63f54979
Microsoft Windows XP Media Center Edition SP2
Microsoft Security Update for Windows XP (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=c2763dd8-a03e -4a48-aa86-a7ec00250a7a
Microsoft Windows Server 2003 Itanium SP1
Microsoft Security Update for Windows Server 2003 for Itanium (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=7886a802-f2b5 -489c-b14b-631f4c4c0742
Microsoft Windows Server 2003 Enterprise Edition Itanium SP1
Microsoft Security Update for Windows Server 2003 for Itanium (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=7886a802-f2b5 -489c-b14b-631f4c4c0742
Microsoft Windows Server 2003 Datacenter x64 Edition SP2
Microsoft Security Update for Windows Server 2003 x64 Edition (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=e3dde449-e062 -4ce0-a9f4-433bff23e224
Microsoft Windows Vista Home Basic SP1
Microsoft Security Update for Windows Vista (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=9b51deb8-3873 -4146-977f-7e3d0840a4c5
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Security Update for Windows XP (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=c2763dd8-a03e -4a48-aa86-a7ec00250a7a
Microsoft Windows Server 2003 Web Edition SP2
Microsoft Security Update for Windows Server 2003 (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=bee91d80-d49a -4d3d-82d6-d5aa63f54979
Microsoft Windows Vista Home Premium
Microsoft Security Update for Windows Vista (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=9b51deb8-3873 -4146-977f-7e3d0840a4c5
Microsoft Windows Server 2003 Standard Edition SP1
Microsoft Security Update for Windows Server 2003 (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=bee91d80-d49a -4d3d-82d6-d5aa63f54979
Microsoft Windows Server 2003 x64 SP1
Microsoft Security Update for Windows Server 2003 x64 Edition (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=e3dde449-e062 -4ce0-a9f4-433bff23e224
Microsoft Windows Vista Enterprise
Microsoft Security Update for Windows Vista (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=9b51deb8-3873 -4146-977f-7e3d0840a4c5
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Security Update for Windows XP x64 Edition (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=166f2ab5-913c -47a9-86fe-b814797b751e
Microsoft Windows Vista 0
Microsoft Security Update for Windows Vista (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=9b51deb8-3873 -4146-977f-7e3d0840a4c5
Microsoft Windows Vista Business
Microsoft Security Update for Windows Vista (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=9b51deb8-3873 -4146-977f-7e3d0840a4c5
Microsoft Windows Server 2003 x64 SP2
Microsoft Security Update for Windows Server 2003 x64 Edition (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=e3dde449-e062 -4ce0-a9f4-433bff23e224
Microsoft Windows Vista Ultimate SP1
Microsoft Security Update for Windows Vista (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=9b51deb8-3873 -4146-977f-7e3d0840a4c5
Microsoft Windows Vista SP1
Microsoft Security Update for Windows Vista (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=9b51deb8-3873 -4146-977f-7e3d0840a4c5
Microsoft Windows Server 2003 Enterprise Edition SP1
Microsoft Security Update for Windows Server 2003 (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=bee91d80-d49a -4d3d-82d6-d5aa63f54979
Microsoft Windows Vista Home Basic
Microsoft Security Update for Windows Vista (KB948590)
http://www.microsoft.com/downloads/details.aspx?familyid=9b51deb8-3873 -4146-977f-7e3d0840a4c5
参考网址
来源: BID
名称: 28570
链接:http://www.securityfocus.com/bid/28570
来源: SECTRACK
名称: 1019798
链接:http://www.securitytracker.com/id?1019798
来源: MILW0RM
名称: 6656
链接:http://www.milw0rm.com/exploits/6656
来源: MS
名称: MS08-021
链接:http://www.microsoft.com/technet/security/bulletin/ms08-021.mspx
来源: VUPEN
名称: ADV-2008-1145
链接:http://www.frsirt.com/english/advisories/2008/1145/references
来源: SECUNIA
名称: 29704
链接:http://secunia.com/advisories/29704
来源: OVAL
名称: oval:org.mitre.oval:def:5580
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5580
来源: OSVDB
名称: 44215
来源: MILW0RM
名称: 5442
链接:http://www.milw0rm.com/exploits/5442
来源: HP
名称: SSRT080048
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
