| Ãë¾àÁ¡ID |
26243 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
139,445 |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
SMB |
| »ó¼¼¼³¸í |
ÇØ´ç ½Ã½ºÅÛ¿¡´Â Internet Explorer¿¡ ´ëÇÑ 2006³â 8¿ù ´©Àû ÆÐÄ¡(Cumulative Patch)¿ë Hotfix (MS06-042, 918899)°¡ ¼³Ä¡µÇ¾î ÀÖÁö ¾Ê´Ù. ÀÌ ÆÐÄ¡´Â ´©Àû ¾÷µ¥ÀÌÆ®ÀÎ º¸¾È °Ô½Ã¹° (MS06-021, 916281)¿¡¼ Á¦°øµÈ ¾÷µ¥ÀÌÆ®¸¦ ´ëüÇÏ°í »õ·Î ¹ß°ßµÈ ´ÙÀ½ÀÇ °ø°³ Ãë¾àÁ¡¿¡ ´ëÇÑ ÇØ°áÃ¥À» Æ÷ÇÔÇÏ°í ÀÖ´Ù:
- Redirect Cross-Domain Á¤º¸ ³ëÃâ Ãë¾àÁ¡ (CVE-2006-3280): Á¤º¸ ³ëÃâ
- HTML Layout ¹× Positioning ¸Þ¸ð¸® Á¶ÀÛ Ãë¾àÁ¡ (CVE-2006-3450): ¿ø°Ý ÄÚµå ½ÇÇà
- CSS ¸Þ¸ð¸® Á¶ÀÛ Ãë¾àÁ¡ (CVE-2006-3451): ¿ø°Ý ÄÚµå ½ÇÇà
- HTML Rendering ¸Þ¸ð¸® Á¶ÀÛ Ãë¾àÁ¡ (CVE-2006-3637): ¿ø°Ý ÄÚµå ½ÇÇà
- COM ¿ÀºêÁ§Æ® ÀνºÅϽº »ý¼º ¸Þ¸ð¸® Á¶ÀÛ Ãë¾àÁ¡ (CVE-2006-3638): ¿ø°Ý ÄÚµå ½ÇÇà
- Source Element Cross-Domain Ãë¾àÁ¡ (CVE-2006-3639): ¿ø°Ý ÄÚµå ½ÇÇà ¹× Á¤º¸ ³ëÃâ
- Window Location Á¤º¸ ³ëÃâ Ãë¾àÁ¡ (CVE-2006-3640): Á¤º¸ ³ëÃâ
- FTP ¼¹ö ¸í·É ÁÖÀÔ Ãë¾àÁ¡ (CVE-2004-1166): ±ÇÇÑ »ó½Â
»ç¿ëÀÚ°¡ °ü¸®ÀÚ ±ÇÇÑÀ¸·Î ·Î±×¿ÂÇÑ °æ¿ì, °ø°ÝÀÚ°¡ ÀÌ Ãë¾àÁ¡ÀÇ °¡Àå ½É°¢ÇÑ ºÎºÐÀ» ¼º°øÀûÀ¸·Î ¾Ç¿ëÇÑ´Ù¸é ÇÁ·Î±×·¥ ¼³Ä¡, µ¥ÀÌÅÍ º¸±â, º¯°æ ¶Ç´Â »èÁ¦, ¸ðµç ±ÇÇÑÀ» °¡Áø »õ °èÁ¤ ¸¸µé±â µîÀÇ ÀÛ¾÷À» Æ÷ÇÔÇÏ¿© ÇØ´ç ½Ã½ºÅÛÀ» ¿ÏÀüÈ÷ Á¦¾îÇÒ ¼ö ÀÖ´Ù. ½Ã½ºÅÛ¿¡ ´ëÇÑ ³·Àº ±ÇÇÑÀÌ ÇÒ´çµÇ¾î ÀÖ´Â °èÁ¤ÀÇ »ç¿ëÀÚ´Â °ü¸®ÀÚ ±ÇÇÑÀ¸·Î ÀÛ¾÷ÇÏ´Â »ç¿ëÀÚ¿¡ ºñÇØ À§Ç輺ÀÌ ³·´Ù.
* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº Á¡°ËÇϱâ À§ÇÑ ¿ø°ÝÁö È£½ºÆ®ÀÇ ·¹Áö½ºÆ®¸®¸¦ ¾×¼¼½ºÇÒ ¼ö ÀÖ´Â Guest ȤÀº ±× ÀÌ»óÀÇ ±ÇÇÑÀ» °¡Áø °èÁ¤À» ÇÊ¿ä·Î ÇÑ´Ù. ÀÌ·¯ÇÑ Á¶°ÇÀÌ ¾ÈµÇ¸é Á¡°ËÀ» ¼öÇàÇÒ ¼ö ¾øÀ¸¸ç ¸ðµç Ãë¾àÇÑ È£½ºÆ®µé¿¡ ´ëÇؼ °ÅÁþ À½¼º¹ÝÀÀ(False Negative)À» º¸ÀÏ ¼ö ÀÖ´Ù.
* Âü°í »çÀÌÆ®:
http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx
http://secunia.com/advisories/20825/
http://www.securitytracker.com/alerts/2006/Jun/1016388.html
http://www.securitytracker.com/alerts/2004/Dec/1012444.html
http://www.us-cert.gov/cas/techalerts/TA06-220A.html
http://www.kb.cert.org/vuls/id/883108
http://www.kb.cert.org/vuls/id/119180
http://www.kb.cert.org/vuls/id/262004
http://www.kb.cert.org/vuls/id/340060
http://www.kb.cert.org/vuls/id/252764
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Internet Explorer 5.01 SP4 on Windows 2000 SP4
Internet Explorer 6 SP1 on Microsoft Windows 2000 SP4, Windows XP SP1
Internet Explorer 6 for Windows XP SP1 (64-Bit Edition)
Internet Explorer 6 for Windows XP 64-Bit Edition Version 2003
Internet Explorer 6 for Windows XP SP2
Internet Explorer 6 for Windows Server 2003 SP1
Internet Explorer 6 for Windows Server 2003 64-Bit Edition |
| ÇØ°áÃ¥ |
´ÙÀ½ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ® º¸¾È °Ô½Ã¹° MS06-042¸¦ ÂüÁ¶ÇÏ¿© ½Ã½ºÅÛ¿¡ ´ëÇÑ ÀûÀýÇÑ ÆÐÄ¡(918899)¸¦ Àû¿ëÇÑ´Ù:
http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx
-- ¶Ç´Â --
Windows Ç÷§ÆûµéÀ» À§ÇÑ ÆÐÄ¡µéÀº ¶ÇÇÑ Microsoft Windows Update À¥ »çÀÌÆ®ÀÎ http://windowsupdate.microsoft.com ¿¡¼µµ ±¸ÇÒ ¼ö ÀÖ´Ù. Windows Update´Â »ç¿ë ÁßÀÎ WindowsÀÇ ¹öÀüÀ» ÀÚµ¿À¸·Î ã¾Æ³»°í ÀûÀýÇÑ ÆÐÄ¡¸¦ Á¦°øÇØ ÁØ´Ù. |
| °ü·Ã URL |
CVE-2006-3280,CVE-2006-3450,CVE-2006-3451,CVE-2006-3637,CVE-2006-3638,CVE-2006-3639,CVE-2006-3640,CVE-2004-1166 (CVE) |
| °ü·Ã URL |
18682,19400 (SecurityFocus) |
| °ü·Ã URL |
27452,28034,28037,28043,28039,28040,28042,18384 (ISS) |
|
