CVE-2002-2105
CVSS2.1
发布时间 :2002-12-31 00:00:00
修订时间 :2008-09-05 16:32:20
NMCOES    

[原文]Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file.


[CNNVD]Microsoft Windows XP .Manifest服务拒绝漏洞(CNNVD-200212-855)

        Microsoft Windows XP存在漏洞。远程攻击者借助破坏的explorer.exe.manifest文件阻止系统启动。

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:microsoft:windows_xp:::home
cpe:/o:microsoft:windows_xp::gold:professionalMicrosoft Windows XP Professional Gold

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2105
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-2105
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200212-855
(官方数据源) CNNVD

- 其它链接及资源

http://xforce.iss.net/static/8000.php
(UNKNOWN)  XF  winxp-manifest-xml-dos(8000)
http://www.supernature-forum.de/vbb/printthread.php?threadid=6458
(UNKNOWN)  MISC  http://www.supernature-forum.de/vbb/printthread.php?threadid=6458
http://www.securityfocus.com/bid/3942
(UNKNOWN)  BID  3942
http://securitytracker.com/id?1003308
(UNKNOWN)  SECTRACK  1003308

- 漏洞信息

Microsoft Windows XP .Manifest服务拒绝漏洞
低危 其他
2002-12-31 00:00:00 2005-10-20 00:00:00
本地  
        Microsoft Windows XP存在漏洞。远程攻击者借助破坏的explorer.exe.manifest文件阻止系统启动。

- 公告与补丁

        Microsoft has released a hotfix to address this issue. Please contact the vendor for details on obtaining and applying the appropriate updates.

- 漏洞信息 (21240)

Microsoft Windows XP .Manifest Denial of Service Vulnerability (EDBID:21240)
windows dos
2002-01-21 Verified
0 mosestycoon
N/A [点击下载]
source: http://www.securityfocus.com/bid/3942/info

To enable desktop skinning, Microsoft Windows XP uses '.manifest' files ('<filename>.exe.manifest'). This file contains XML code that tells Windows XP to use the XP controls.

Due to a flaw, Windows XP fails to properly verify the XML code within a '.manifest' file.

If XML code is modified, the associated application will not start, causing a denial of service.

This issue could pose a more serious threat if the XML code associated with 'explorer.exe' is modified. If the 'explorer.exe.manifest' file is modified, then when the computer restarts, the system will hang and 'explorer.exe' will not load, causing a denial of service.

Reportedly, the repair function will not resolve this issue. 

http://www.exploit-db.com/sploits/21240.zip		

- 漏洞信息

19764
Microsoft Windows XP Malformed explorer.exe.manifest Local DoS
Local Access Required Denial of Service
Loss of Availability Patch / RCS
Exploit Public Vendor Verified, Third-party Verified

- 漏洞描述

- 时间线

2002-01-21 Unknow
2002-01-21 Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Microsoft Windows XP .Manifest Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 3942
No Yes
2002-01-21 12:00:00 2006-10-20 05:13:00
Discovered by mosestycoon <mosestycoon@daybyday.de>.

- 受影响的程序版本

Microsoft Windows XP Tablet PC Edition SP2
Microsoft Windows XP Professional SP2
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Home SP2

- 漏洞讨论

To enable desktop skinning, Microsoft Windows XP uses '.manifest' files ('<filename>.exe.manifest'). This file contains XML code that tells Windows XP to use the XP controls.

Due to a flaw, Windows XP fails to properly verify the XML code within a '.manifest' file.

If XML code is modified, the associated application will not start, causing a denial of service.

This issue could pose a more serious threat if the XML code associated with 'explorer.exe' is modified. If the 'explorer.exe.manifest' file is modified, then when the computer restarts, the system will hang and 'explorer.exe' will not load, causing a denial of service.

Reportedly, the repair function will not resolve this issue.

- 漏洞利用

The following exploit code is available:

- 解决方案

Microsoft has released a hotfix to address this issue. Please contact the vendor for details on obtaining and applying the appropriate updates.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站