Security Lab

Уязвимость при обработке VML стилей в Internet Explorer

Дата публикации:10.04.2012
Всего просмотров:1483
Опасность:
Высокая
Наличие исправления: Да
Количество уязвимостей:1
CVSSv2 рейтинг: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:O/RC:C)
CVE ID: CVE-2012-0172
Вектор эксплуатации: Удаленная
Воздействие: Компрометация системы
CWE ID: Нет данных
Наличие эксплоита: Нет данных
Уязвимые продукты: Microsoft Internet Explorer 6.x
Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 8.x
Уязвимые версии: Internet Explorer 6.x, 7.x, 8.x

Описание:
Уязвимость позволяет удаленному пользователю выполнить произвольный код на целевой системе.

Уязвимость существует из-за ошибки при обработке VML стилей во время получения доступа к ранее удаленному объекту. Удаленный пользователь может с помощью специально сформированной Web-страницы вызвать повреждение памяти и выполнить произвольный код на целевой системе.

URL производителя: www.microsoft.com

Решение: Установите исправление с сайта производителя.

-- Internet Explorer 6 --

Windows XP Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?FamilyID=2a490c62-16c4-402a-b2d9-3e8cfb5bcebd

Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=a1b7be43-a32e-456b-8df0-c26cdf187682

Windows Server 2003 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=020e0d68-dd1c-4297-b565-fcc6dcf5f280

Windows Server 2003 x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=295292d3-01a3-4574-b994-8cdbcf5a0d2e

Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?FamilyID=09011393-c7d5-4225-9b8e-5a234d4dbcd1

-- Internet Explorer 7 --

Windows XP Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?FamilyID=81b28dd9-87aa-46cc-94c6-2da39d0298db

Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=29ec7b06-c7aa-4149-bb2c-25af7d38a6a9

Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=17b0c139-2709-424d-9d17-827af468e858

Windows Server 2003 x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=04656a93-e958-4764-afe8-27c476855506

Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?FamilyID=a5ef0147-595e-43b5-819f-73780fcef10d

Windows Vista Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=f598cad1-4d1a-40ce-a016-bb58778d5dc0

Windows Vista x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=2717a997-2066-4a83-ae9b-4611a0851101

Windows Server 2008 for 32-bit Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=3e361edd-234b-4053-aa49-278b9fde4d5c

Windows Server 2008 for x64-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=60b76a3c-4530-4101-931f-45df621e1eed

Windows Server 2008 for Itanium-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyID=3235216f-497f-4934-81b8-1eb9929e98c9

-- Internet Explorer 8 --

Windows XP Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?familyid=74ce0e29-046b-4ac3-89a1-b292a177972f

Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=646c6352-4d99-413a-a75b-71289b5d2b25

Windows Server 2003 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=3289a80a-d1b1-4494-bede-03d0be579acf

Windows Server 2003 x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=dff4fb63-b319-49ed-8a9d-6b15e43d5bfd

Windows Vista Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=44284277-06a7-405d-9187-8f50a042604d

Windows Vista x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=19684033-ddeb-464f-9a22-f580a9c19f8e

Windows Server 2008 for 32-bit Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=6eb6781e-7b38-4679-afbc-4e3bb5747fd8

Windows Server 2008 for x64-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=fd657467-a45c-4354-b947-3a3cceb9b690

Windows 7 for 32-bit Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=9a58ca0b-fad7-418e-80ae-ca478168f887

Windows 7 for 32-bit Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=9a58ca0b-fad7-418e-80ae-ca478168f887

Windows 7 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=7215f707-c536-4d81-ad66-e7bff592e400

Windows 7 for x64-based Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=7215f707-c536-4d81-ad66-e7bff592e400

Windows Server 2008 R2 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=237d94e6-b9b9-4177-81fa-a67df2806b0e

Windows Server 2008 R2 for x64-based Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=237d94e6-b9b9-4177-81fa-a67df2806b0e

Windows Server 2008 R2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=7bdba902-0a6e-451e-a29b-6d0a03ff5664

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=7bdba902-0a6e-451e-a29b-6d0a03ff5664

Ссылки: MS12-023: Cumulative Security Update for Internet Explorer (2675157)