|
|
|
|
| |
Credit:
The information has been provided by wushi of team509 and the SureRun Security Team.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-09-057
|
| |
Vulnerable Systems:
* Microsoft Remote Desktop
The specific flaw exists within mstscax.dll when parsing packets from an RDP server. A design flaw in the client allows a malicious RDP server to write to arbitrary memory inside the connecting processes memory space. By hosting a malicious RDP server, an attacker can execute arbitrary code on any client that attempts to connect to it. Privileges gained depend on which user is running the client.
Patch Availability:
Microsoft has issued an update to correct this vulnerability. More details can be found at:
http://www.microsoft.com/technet/security/bulletin/MS09-044.mspx
CVE Information:
CVE-2009-1133
Disclosure Timeline:
2008-04-07 - Vulnerability reported to vendor
2009-08-11 - Coordinated public release of advisory
|
|
|
|
|
