{"id":615,"date":"2009-10-14T21:18:32","date_gmt":"2009-10-14T13:18:32","guid":{"rendered":"http:\/\/down.cdhaha.net\/?p=615"},"modified":"2009-10-14T21:18:32","modified_gmt":"2009-10-14T13:18:32","slug":"ms09-062-vulnerabilities-in-gdi-could-allow-remote-code-execution-957488","status":"publish","type":"post","link":"http:\/\/down.cdhaha.net\/?p=615","title":{"rendered":"MS09-062 Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)"},"content":{"rendered":"<p><img decoding=\"async\" src=\"wp-content\/uploads\/2009\/02\/windowsupdate.gif\" alt=\"GDI+\" title=\"GDI+\" class=\"alignleft\" \/>\u6b64\u5b89\u5168\u66f4\u65b0\u53ef\u89e3\u51b3 Microsoft Windows GDI+ \u4e2d\u8bb8\u591a\u79d8\u5bc6\u62a5\u544a\u7684\u6f0f\u6d1e\u3002\u5982\u679c\u7528\u6237\u4f7f\u7528\u53d7\u5f71\u54cd\u7684\u8f6f\u4ef6\u67e5\u770b\u7279\u5236\u56fe\u50cf\u6587\u4ef6\u6216\u6d4f\u89c8\u5305\u542b\u7279\u5236\u5185\u5bb9\u7684\u7f51\u7ad9\uff0c\u5219\u8fd9\u4e9b\u6f0f\u6d1e\u53ef\u80fd\u5141\u8bb8\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u3002\u90a3\u4e9b\u5e10\u6237\u88ab\u914d\u7f6e\u4e3a\u62e5\u6709\u8f83\u5c11\u7cfb\u7edf\u7528\u6237\u6743\u9650\u7684\u7528\u6237\u6bd4\u5177\u6709\u7ba1\u7406\u7528\u6237\u6743\u9650\u7684\u7528\u6237\u53d7\u5230\u7684\u5f71\u54cd\u8981\u5c0f\u3002<\/p>\n<p>\u5bf9\u4e8e <strong>Windows XP \u548c Windows Server 2003\u3001Windows Vista \u548c Windows Vista Service Pack 1\u3001Windows Vista x64 Edition \u548c Windows Vista x64 Edition Service Pack 1\u3001Windows Server 2008\uff08\u7528\u4e8e 32 \u4f4d\u7cfb\u7edf\uff09\u3001Windows Server 2008\uff08\u7528\u4e8e\u57fa\u4e8e x64 \u7684\u7cfb\u7edf\uff09\u548c Windows Server 2008\uff08\u7528\u4e8e\u57fa\u4e8e Itanium \u7684\u7cfb\u7edf\uff09\u3001\u5b89\u88c5\u5728 Microsoft Windows 2000 Service Pack 4 \u4e0a\u7684 Microsoft Internet Explorer 6 Service Pack 1\u3001SQL Server 2000 Reporting Services Service Pack 2\u3001SQL Server 2005 \u7684\u6240\u6709\u652f\u6301\u7248\u672c\u3001Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package\u3001Microsoft Report Viewer 2008 Redistributable Package \u548c Microsoft Report Viewer 2008 Redistributable Package Service Pack 1<\/strong> \u7684\u6240\u6709\u53d7\u652f\u6301\u7248\u672c\uff0c\u6b64\u5b89\u5168\u66f4\u65b0\u7684\u7b49\u7ea7\u4e3a\u201c\u4e25\u91cd\u201d\u3002<br \/>\n<!--more--><br \/>\n\u5bf9\u4e8e <strong>Microsoft .NET Framework 1.1 \u548c Microsoft Windows 2000 \u4e0a\u7684 Microsoft .NET Framework 2.0\u3001Microsoft Office XP\u3001Microsoft Office 2003\u3001\u7528\u4e8e Microsoft Office 2003 \u7684\u6240\u6709\u53d7\u5f71\u54cd Office Viewer \u8f6f\u4ef6\u30012007 Microsoft Office System\u3001\u7528\u4e8e 2007 Microsoft Office System \u7684\u6240\u6709\u53d7\u5f71\u54cd Office Viewer \u8f6f\u4ef6\u3001Microsoft Office \u517c\u5bb9\u5305\u3001Microsoft Expression Web\u3001Microsoft Expression Web 2\u3001Microsoft Office Groove 2007 \u548c Microsoft Office Groove 2007 Service Pack 1\u3001Microsoft Office Project 2002\u3001Microsoft Office Visio 2002\u3001Microsoft Works 8.5 \u548c Microsoft Forefront Client Security 1.0<\/strong> \u7684\u6240\u6709\u53d7\u652f\u6301\u7248\u672c\uff0c\u6b64\u5b89\u5168\u66f4\u65b0\u7684\u4e25\u91cd\u7b49\u7ea7\u4e3a\u201c\u91cd\u8981\u201d\u3002<\/p>\n<p>\u6709\u5173\u8be6\u7ec6\u4fe1\u606f\uff0c\u8bf7\u53c2\u9605\u672c\u8282\u4e2d\u201c\u53d7\u5f71\u54cd\u548c\u4e0d\u53d7\u5f71\u54cd\u7684\u8f6f\u4ef6\u201d\u5c0f\u8282\u3002<\/p>\n<p>\u6b64\u5b89\u5168\u66f4\u65b0\u901a\u8fc7\u5728\u5448\u73b0 WMF \u56fe\u50cf\u3001\u4fee\u6539\u8bfb\u53d6 PNG \u6587\u4ef6\u65f6 GDI+ \u7ba1\u7406\u5806\u7f13\u51b2\u533a\u7684\u65b9\u5f0f\u3001\u4fee\u6539\u8bfb\u53d6 TIFF \u6587\u4ef6\u65f6 GDI+ \u5206\u914d\u7f13\u51b2\u533a\u6240\u4f7f\u7528\u7684\u65b9\u5f0f\uff0c\u5728 GDI+ \u5185\u90e8\u5f15\u5165\u6b63\u786e\u7684\u6570\u636e\u9a8c\u8bc1\u6765\u89e3\u51b3\u6f0f\u6d1e\u3002\u6b64\u66f4\u65b0\u4fee\u6539\u4e86\u8c03\u7528\u67d0\u4e9b .NET API \u65f6 GDI+ \u7ba1\u7406\u7f13\u51b2\u533a\u7684\u65b9\u5f0f\uff0c\u4fee\u6539\u4e86\u89e3\u6790 PNG \u56fe\u50cf\u65f6 GDI+ \u8ba1\u7b97\u6240\u9700\u7f13\u51b2\u533a\u5927\u5c0f\u7684\u65b9\u5f0f\uff0c\u5e76\u4e14\u4fee\u6539\u4e86 Microsoft Office \u6253\u5f00\u7279\u5236\u6587\u4ef6\u7684\u65b9\u5f0f\u3002 \u6709\u5173\u6f0f\u6d1e\u7684\u8be6\u7ec6\u4fe1\u606f\uff0c\u8bf7\u53c2\u9605\u4e0b\u4e00\u8282\u201c\u6f0f\u6d1e\u4fe1\u606f\u201d\u4e0b\u9762\u7279\u5b9a\u6f0f\u6d1e\u6761\u76ee\u7684\u201c\u5e38\u89c1\u95ee\u9898 (FAQ)\u201d\u5c0f\u8282\u3002<\/p>\n<p>\u5efa\u8bae\u3002 Microsoft \u5efa\u8bae\u7528\u6237\u7acb\u5373\u5e94\u7528\u6b64\u66f4\u65b0\u3002<\/p>\n<p>\u5df2\u77e5\u95ee\u9898\u3002 Microsoft \u77e5\u8bc6\u5e93\u6587\u7ae0 957488 \u4ecb\u7ecd\u4e86\u5ba2\u6237\u5728\u5b89\u88c5\u6b64\u5b89\u5168\u66f4\u65b0\u65f6\u53ef\u80fd\u9047\u5230\u7684\u5f53\u524d\u5df2\u77e5\u95ee\u9898\u3002<\/p>\n<p>\u82f1\u6587\u7248<br \/>\n<a href=\"http:\/\/www.microsoft.com\/technet\/security\/Bulletin\/MS09-062.mspx\" target=\"_blank\">http:\/\/www.microsoft.com\/technet\/security\/Bulletin\/MS09-062.mspx<\/a><\/p>\n<p>\u7b80\u4f53\u4e2d\u6587\u7248<br \/>\n<a href=\"http:\/\/www.microsoft.com\/china\/technet\/security\/Bulletin\/MS09-062.mspx\" target=\"_blank\">http:\/\/www.microsoft.com\/china\/technet\/security\/Bulletin\/MS09-062.mspx<\/a><\/p>\n<!-- AddThis Advanced Settings generic via filter on the_content --><!-- AddThis Share Buttons generic via filter on the_content -->","protected":false},"excerpt":{"rendered":"<p>\u6b64\u5b89\u5168\u66f4\u65b0\u53ef\u89e3\u51b3 Microsoft Windows GDI+ \u4e2d\u8bb8\u591a\u79d8\u5bc6\u62a5\u544a\u7684\u6f0f\u6d1e\u3002\u5982\u679c\u7528\u6237\u4f7f\u7528\u53d7\u5f71\u54cd\u7684\u8f6f\u4ef6\u67e5\u770b\u7279\u5236\u56fe\u50cf\u6587\u4ef6\u6216\u6d4f\u89c8\u5305\u542b\u7279\u5236\u5185\u5bb9\u7684\u7f51\u7ad9\uff0c\u5219\u8fd9\u4e9b\u6f0f\u6d1e\u53ef\u80fd\u5141\u8bb8\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u3002\u90a3\u4e9b\u5e10\u6237\u88ab\u914d\u7f6e\u4e3a\u62e5\u6709\u8f83\u5c11\u7cfb\u7edf\u7528\u6237\u6743\u9650\u7684\u7528\u6237\u6bd4\u5177\u6709\u7ba1\u7406\u7528\u6237\u6743\u9650\u7684\u7528\u6237\u53d7\u5230\u7684\u5f71\u54cd\u8981\u5c0f\u3002 \u5bf9\u4e8e Windows XP \u548c Windows Server 2003\u3001Windows Vista \u548c Windows Vista Service Pack 1\u3001Windows Vista&#8230;<!-- AddThis Advanced Settings generic via filter on get_the_excerpt --><!-- AddThis Share Buttons generic via filter on get_the_excerpt --><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[28],"tags":[457],"_links":{"self":[{"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/posts\/615"}],"collection":[{"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=615"}],"version-history":[{"count":0,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/posts\/615\/revisions"}],"wp:attachment":[{"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=615"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=615"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=615"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}