CVE-2009-3678

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2009-3678 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The original article can be found at: http://www.microsoft.com/technet/security/Bulletin/MS10-043.mspx

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2009-3678

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* Microsoft Windows 7
* Microsoft Windows 2008 R2 for x64-based systems

A previously public (May 18, 2010) remote code execution vulnerability affects the Canonical Display Driver ( cdd.dll ) because it fails to properly parse information passed between user-mode and kernel-mode. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a specially crafted image file. A successful exploit will result in the complete compromise of an affected computer.

Patch Availability:
Microsoft has released a patch to address this vulnerability under MS10-043. For more information please refer to:
http://www.microsoft.com/technet/security/Bulletin/MS10-043.mspx

CVE Information:
CVE-2009-3678

Disclosure Timeline:
13 Jul 2010 - Published

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus