CVE-2004-0978
CVSS 10.0
Published: 2005-02-09 00:00:00
Revised: 2016-10-17 22:50:23

[Original] Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.


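[CNNVD] Microsoft IE MSN heartbeat.ocx Heap Overflow Vulnerability (CNNVD-200502-026)

        Microsoft MSN heartbeat.ocx is a component invoked by IE on some MSN gaming sites.
        Microsoft MSN heartbeat.ocx lacks sufficient bounds checking on several parameters. A remote attacker could exploit this vulnerability to possibly execute arbitrary instructions on the system with the privileges of the process.
        The vulnerability is in the MSN Heartbeat ActiveX component, which is typically offered for installation on some MSN gaming sites and is marked safe for scripting by default. When the Heartbeat control is initialized on a web page, several parameters must be set, such as URLs or filenames. Supplying an overly long string to the SetupData parameter can cause a heap-based buffer overflow, and carefully crafted input may allow execution of arbitrary instructions with the privileges of the process.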

- CVSS (base score)

CVSS score: 10 [Severe (HIGH)]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

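- CPE (affected platforms and products)

Product and version information (CPE) is currently unavailable

- OVAL (technical details for detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0978
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0978
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200502-026
(Official data source) CNNVD

- Other links and resources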

http://marc.info/?l=bugtraq&m=110616221411579&w=2
(UNKNOWN)  BUGTRAQ  20050119 MSN Heartbeat Control Buffer Overflow
http://www.kb.cert.org/vuls/id/673134
(VENDOR_ADVISORY)  CERT-VN  VU#673134
http://www.microsoft.com/technet/security/bulletin/ms04-038.mspx
(UNKNOWN)  MS  MS04-038
http://www.ngssoftware.com/advisories/heartbeatfull.txt
(UNKNOWN)  MISC  http://www.ngssoftware.com/advisories/heartbeatfull.txt
http://www.securityfocus.com/bid/11367
(UNKNOWN)  BID  11367
http://xforce.iss.net/xforce/xfdb/17714
(VENDOR_ADVISORY)  XF  heartbeat-activex(17714)

- Vulnerability information

Microsoft IE MSN heartbeat.ocx Heap Overflow Vulnerability
Critical  Buffer overflow
2005-02-09 00:00:00 2005-10-20 00:00:00
Remote

- Advisories and patches

        The vendor has released update patches that fix this security issue. Patch download links:
        Microsoft Internet Explorer 5.5 SP2
        Microsoft Cumulative Security Update for Internet Explorer 5.5 Service Pack 2 (KB834707) - English
        For Microsoft Windows Millennium Edition.
        http://www.microsoft.com/downloads/details.aspx?FamilyId=BE27F77C-3C2D-45F1-86DF-2B71799DA169&displaylang=en
        Microsoft Internet Explorer 6.0 SP1
        Microsoft Cumulative Security Update for Internet Explorer 6 Service Pack 1 for Windows 98, Windows NT and Wi
        For Microsoft Windows 98, Windows 98 Second Edition, Windows ME, and Windows NT4 Server.
        http://www.microsoft.com/downloads/details.aspx?FamilyId=DE8D94C4-7F58-4CE7-B8BD-51CFD795B03E&displaylang=en
        Microsoft Cumulative Security Update for Internet Explorer 6 Service Pack 1 for Windows XP and Windows 2000 (
        For Microsoft Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP, and Windows XP Service Pack 1.
        http://www.microsoft.com/downloads/details.aspx?FamilyId=7C1404E6-F5D4-4FED-9573-DD83F2DFF074&displaylang=en
        Microsoft Cumulative Security Update for Internet Explorer 6 SP1 64-bit Edition (KB834707)
        For Microsoft Windows XP SP1 64-bit.
        http://www.microsoft.com/downloads/details.aspx?FamilyId=C05103E8-4402-4D54-BA03-FBBC24142E4D&displaylang=en
        Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB834707)
        For Microsoft Windows Server 2003 Family.
        http://www.microsoft.com/downloads/details.aspx?FamilyId=19E69E5F-9C98-49AD-A61F-4F82A4014412&displaylang=en
        Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit Edition (KB834707)
        For Microsoft Windows Server 2003 Family (64-bit).
        http://www.microsoft.com/downloads/details.aspx?FamilyId=566C2A05-2513-4E30-A3EA-87D4BF7F9730&displaylang=en
        Microsoft Internet Explorer 6.0 SP2 - do not use
        Microsoft Cumulative Security Update for Internet Explorer for XP Service Pack 2 (KB834707)
        For Microsoft Windows XP Service Pack 2.
        http://www.microsoft.com/downloads/details.aspx?FamilyId=CF47B515-3F51-43E1-9246-2C2264C49E2E&displaylang=en
        Microsoft Internet Explorer 6.0
        Microsoft Cumulative Security Update for Internet Explorer 6 (KB834707)
        For Windows XP.
        http://www.microsoft.com/downloads/details.aspx?FamilyId=A89CFBE8-C299-415D-A9D6-7CC6429C547D&displaylang=en
        Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB834707)
        For Microsoft Windows Server 2003 Family.
        http://www.microsoft.com/downloads/details.aspx?FamilyId=19E69E5F-9C98-49AD-A61F-4F82A4014412&displaylang=en
        Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit Edition (KB834707)
        For Microsoft Windows Server 2003 Family (64-bit).
        http://www.microsoft.com/downloads/details.aspx?FamilyId=566C2A05-2513-4E30-A3EA-87D4BF7F9730&displaylang=en
        Microsoft Internet Explorer 5.0.1 SP4
        Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB834707)
        For Windows 2000 Service Pack 4.
        http://www.microsoft.com/downloads/details.aspx?FamilyId=72DBE239-AF0A-42B5-B88C-A00371F6EC81&displaylang=en
        Microsoft Internet Explorer 5.0.1 SP3
        Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB834707)
        For Windows 2000 Service Pack 3.
        http://www.microsoft.com/downloads/details.aspx?FamilyId=2D8E8E97-4946-4994-924B-1FB1DC1881BA&displaylang=en
        

- Vulnerability information

10756
Microsoft MSN heartbeat.ocx Component Overflow
Remote / Network Access Input Manipulation
Loss of Integrity, Impact Unknown
Exploit Unknown

- Vulnerability description

MSN heartbeat.ocx contains a flaw related to a component that may allow an attacker to cause a buffer overflow. No further details have been provided.

- Timeline

2004-10-15 Unknown
Unknown Unknown

- Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

- Related references

- Vulnerability author