Microsoft WordPad
Microsoft WordPad '.doc'文件远程拒绝服务漏洞
SEBUG-ID:4116
SEBUG-Appdir:Office Word
Published:2008-09-27
Vulnerable:
Discription:
BUGTRAQ ID: 31399 CNCAN ID:CNCAN-2008092608 Microsoft WordPad是一款微软开发的写字板程序。 Microsoft WordPad处理特殊构建的.doc文件存在问题,远程攻击者可以利用漏洞使应用程序崩溃。 目前还不确定是否能以任意代码执行方式利用。
<*References
漏洞提供者*>
securfrog
Exploit:
[www.sebug.net]
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
可参考如下测试程序: http://milw0rm.com/sploits/2008-crash.doc.rar
SEBUG Solution:
目前没有解决方案提供: http://www.microsoft.com
// sebug.net [2008-09-27]