Alert GCSA-08080 - Vulnerabilita' in Microsoft Windows MSCMS (MS08-046)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-08080
Data : 13 agosto 2008
Titolo : Vulnerabilita' in Microsoft Windows MSCMS (MS08-046)
******************************************************************
:: Descrizione del problema
E' stata riscontrata una vulnerabilita' in Microsoft Windows che potrebbe
essere sfruttata per compromettere un sistema che ne sia affetto.
La vulnerabilita' e' dovuta ad un boundary error nel modulo MSCMS (Microsoft
Color Management System) del componente Microsoft ICM (Image Color Management)
durante il parsing delle immagini, e potrebbe essere sfruttata per provocare
un buffer overflow di tipo heap-based attraverso file immagine appositamente
predisposti.
:: Piattaforme e software interessati
- - Microsoft Windows 2000 Advanced Server
- - Microsoft Windows 2000 Datacenter Server
- - Microsoft Windows 2000 Professional
- - Microsoft Windows 2000 Server
- - Microsoft Windows Server 2003 Datacenter Edition
- - Microsoft Windows Server 2003 Enterprise Edition
- - Microsoft Windows Server 2003 Standard Edition
- - Microsoft Windows Server 2003 Web Edition
- - Microsoft Windows Storage Server 2003
- - Microsoft Windows XP Home Edition
- - Microsoft Windows XP Professional
:: Impatto
- - Esecuzione remota di codice arbitrario
:: Soluzioni
Applicare le patch
Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?familyid=db455d17-435f-46d7-b2dd-5babb5a1eeb3
Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=d313f42c-f43f-48ea-82ef-3bc33077c7fa
Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=3150c6b8-f50b-4b84-a7ce-c8daf77c080c
Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=828d8fdc-8534-4621-85a5-08aec255496f
Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=0a13776f-d543-41df-b904-d51e368c81cc
Windows Server 2003 with SP1/SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=9566493f-4260-4072-947a-527887d2cd63
:: Riferimenti
Microsoft:
http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx
FrSirt:
http://www.frsirt.com/english/advisories/2008/2350
Secunia:
http://secunia.com/advisories/31385/
CVE Mitre:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2245
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSKLlevOB+SpikaiRAQJ64wP9ExsM9Rvlp3Aqgj9y3S234FDwNSNF7Jms
nFIdj5zgMbV4bxD977BdaLQO6J5cNJrcOcKwxsQWk/CKsgRdTMbUt46qG3LL1pxk
CszOrPCZwui1hKc1ck5br0eqx8bgt9xLIKN60bpFPQOptG/woFeu6ndxzlbQZTON
eyHj0I+ltjk=
=QsI7
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-08080
Data : 13 agosto 2008
Titolo : Vulnerabilita' in Microsoft Windows MSCMS (MS08-046)
******************************************************************
:: Descrizione del problema
E' stata riscontrata una vulnerabilita' in Microsoft Windows che potrebbe
essere sfruttata per compromettere un sistema che ne sia affetto.
La vulnerabilita' e' dovuta ad un boundary error nel modulo MSCMS (Microsoft
Color Management System) del componente Microsoft ICM (Image Color Management)
durante il parsing delle immagini, e potrebbe essere sfruttata per provocare
un buffer overflow di tipo heap-based attraverso file immagine appositamente
predisposti.
:: Piattaforme e software interessati
- - Microsoft Windows 2000 Advanced Server
- - Microsoft Windows 2000 Datacenter Server
- - Microsoft Windows 2000 Professional
- - Microsoft Windows 2000 Server
- - Microsoft Windows Server 2003 Datacenter Edition
- - Microsoft Windows Server 2003 Enterprise Edition
- - Microsoft Windows Server 2003 Standard Edition
- - Microsoft Windows Server 2003 Web Edition
- - Microsoft Windows Storage Server 2003
- - Microsoft Windows XP Home Edition
- - Microsoft Windows XP Professional
:: Impatto
- - Esecuzione remota di codice arbitrario
:: Soluzioni
Applicare le patch
Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?familyid=db455d17-435f-46d7-b2dd-5babb5a1eeb3
Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=d313f42c-f43f-48ea-82ef-3bc33077c7fa
Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=3150c6b8-f50b-4b84-a7ce-c8daf77c080c
Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=828d8fdc-8534-4621-85a5-08aec255496f
Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=0a13776f-d543-41df-b904-d51e368c81cc
Windows Server 2003 with SP1/SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=9566493f-4260-4072-947a-527887d2cd63
:: Riferimenti
Microsoft:
http://www.microsoft.com/technet/security/Bulletin/MS08-046.mspx
FrSirt:
http://www.frsirt.com/english/advisories/2008/2350
Secunia:
http://secunia.com/advisories/31385/
CVE Mitre:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2245
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSKLlevOB+SpikaiRAQJ64wP9ExsM9Rvlp3Aqgj9y3S234FDwNSNF7Jms
nFIdj5zgMbV4bxD977BdaLQO6J5cNJrcOcKwxsQWk/CKsgRdTMbUt46qG3LL1pxk
CszOrPCZwui1hKc1ck5br0eqx8bgt9xLIKN60bpFPQOptG/woFeu6ndxzlbQZTON
eyHj0I+ltjk=
=QsI7
-----END PGP SIGNATURE-----