Secunia http://secunia.com/advisories/26800/
> Microsoft Windows CFileFind Class "FindFile()" Buffer Overflow
> Secunia Advisory: SA26800
> Release Date: 2007-09-17
> Critical: Moderately critical
> Impact: System access
> Where: From remote
> Solution Status: Unpatched
>
>OS: Microsoft Windows XP Professional
(Snip)
> The vulnerability is confirmed on a fully-patched Windows XP SP2
> including mfc42.dll version 6.2.4131.0 and mfc42u.dll version 6.2.8071.0.
ããã¼ãmfc42 ã§ãããã使ã£ã¦ããã½ããã£ã¦å¤ããã§ãããããã¡ãã£ã¨èª¿ã¹ãã¨ãWindows ã® System ãã©ã«ã以å¤ã« Epson ãã㨠Buffalo ããã®ãã¼ã«ã«ãã£ãããã¾ãã
ã¦ã£ãããã£ã¢ http://ja.wikipedia.org/wiki/Microsoft_Foundation_Class
> Microsoft Foundation Class
ããããã§ãã
-
- -
(2007/09/26 追è¨)
JPCERT/CC and IPA http://jvn.jp/cert/JVNVU%23611008/
> JVNVU#611008
> Microsoft MFC FindFile() é¢æ°ã«ãã¼ããããã¡ãªã¼ãã¼ããã¼ã®èå¼±æ§
ããããã§ãã
-
- -