Thỉnh thoảng ông MS lại đẻ ra một cái 0day không biết nó tồn tại từ bao giờ.
Đúng là bó chiếu.
http://www.checkpoint.com/defense/advisories/public/2011/cpai-06-nov.html
Vulnerability Details
The vulnerability is due to improper bounds checking when parsing
specially crafted TrueType Font (TTF) files. A remote attacker may
exploit this vulnerability by enticing an affected user to open a
specially crafted TTF file. Successful exploitation of this
vulnerability may allow execution of arbitrary code on a target system
or lead to a local elevation of privilege condition.
No comments:
Post a Comment