La date de la dcouverte:03/11/2011
En circulation:Oui
Infections signales Faible
Potentiel de distribution:Faible
Potentiel de destruction:Faible
Fichier statique:Non
Version du moteur de scan:

 Gnral Plateformes / Systmes d'exploitation:
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7

Effets secondaires:
    Peut tre utilis pour excuter un code malveillant
   • Il emploie les vulnrabilits de software

 Dtection spciale CVE-2011-3402

The exploit EXP/CVE-2011-3402 is targeting the True-Type-Font parsing engine which is run in kernel-mode. This fact makes this exploit very dangerous as an attacker can gain system level privileges.

An exploitation gives the attacker the ability to install programs/drivers, view, change, or delete data or he could create new accounts with full user rights.

In an e-mail scenario the exploit needs user interaction (for instance by opening a malicious word document) to get executed. The discovered exploit comes in the form of a Microsoft word document.

Other possibilities may include using embedded TTF fonts in other types of files such as PDF.

Historique de la version:   ( 07/11/2011 )

説明の挿入者 Andrei Gherman の 2011年11月7日月曜日
説明の更新者 Andrei Gherman の 2011年11月7日月曜日

戻る . . . .
https:// このウィンドウは暗号化されています。