| Ãë¾àÁ¡ID |
26264 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
139,445 |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
SMB |
| »ó¼¼¼³¸í |
ÇØ´ç ½Ã½ºÅÛ¿¡´Â 'Microsoft Word¿¡ ÀÖ´Â ¿ø°Ý ÄÚµå ½ÇÇà Ãë¾àÁ¡µé'¿¡ ´ëÇÑ hotfix(929434)°¡ ¼³Ä¡µÇ¾î ÀÖÁö ¾Ê´Ù. ÀÌ ¾÷µ¥ÀÌÆ®´Â °ø°ÝÀÚ°¡ »ç¿ëÀÚÀÇ ½Ã½ºÅÛ »ó¿¡ ÀÓÀÇÀÇ Äڵ带 ½ÇÇà½Ãų ¼ö ÀÖ°Ô ÇØ ÁÙ ¼ö ÀÖ´Â Microsoft Word¿¡ ÀÖ´Â »õ·Ó°Ô ¹ß°ßµÈ Ãë¾àÁ¡µéÀ» ±³Á¤ÇØ ÁØ´Ù. Microsoft Word 2000, 2002, 2003 ±×¸®°í Microsoft Works Suite 2000, 2002, 2003, 2004, 2005, ±×¸®°í 2006Àº ´ÙÁßÀÇ Ãë¾àÁ¡µé·Î ÀÎÇÏ¿© ¿ø°ÝÁöÀÇ °ø°ÝÀÚ°¡ ÀÓÀÇÀÇ Äڵ带 ½ÇÇà½Ãų ¼ö ÀÖ°Ô ÇØ ÁÙ ¼ö ÀÖ´Ù. Àß Á¶ÀÛµÈ Word ¹®¼¸¦ »ç¿ëÀÚ°¡ ¿¾î º¸µµ·Ï À¯µµÇÔÀ¸·Î½á, °ø°ÝÀÚ´Â Word¸¦ ÀÛµ¿ ÁßÀÎ »ç¿ëÀÚÀÇ ±ÇÇÑÀ» °¡Áö°í ÀÓÀÇÀÇ Äڵ带 ½ÇÇà½Ãų ¼ö ÀÖ´Ù. ¸¸¾à ±× »ç¿ëÀÚ°¡ °ü¸®ÀÚ ±ÇÇÑÀ» °¡Áö°í ·Î±×ÀεǾî ÀÖ´Ù¸é, °ø°ÝÀÚ´Â Ãë¾àÇÑ ½Ã½ºÅÛÀÇ ¿ÏÀüÇÑ Á¦¾î±ÇÀ» ¾ò¾î³¾ ¼ö ÀÖ´Ù.
* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº Á¡°ËÇϱâ À§ÇÑ È£½ºÆ®·Î ·Î±×ÀÎ ÇÒ ¼ö ÀÖ´Â °ü¸®ÀÚ ±ÇÇÑÀ» °¡Áø °èÁ¤À» ÇÊ¿ä·Î ÇÑ´Ù. ÀÌ·¯ÇÑ Á¶°ÇÀÌ ¾ÈµÇ¸é Á¡°ËÀ» ¼öÇàÇÒ ¼ö ¾øÀ¸¸ç ¸ðµç Ãë¾àÇÑ È£½ºÆ®µé¿¡ ´ëÇؼ °ÅÁþ À½¼º¹ÝÀÀ(False Negative)À» º¸ÀÏ ¼ö ÀÖ´Ù.
* Âü°í »çÀÌÆ®:
http://www.microsoft.com/technet/security/Bulletin/MS07-014.mspx
http://www.kb.cert.org/vuls/id/167928
http://www.kb.cert.org/vuls/id/166700
http://www.kb.cert.org/vuls/id/996892
http://www.kb.cert.org/vuls/id/412225
http://www.frsirt.com/english/advisories/2006/4866
http://www.frsirt.com/english/advisories/2006/4920
http://www.frsirt.com/english/advisories/2007/0435
http://www.frsirt.com/english/advisories/2006/4997
http://www.frsirt.com/english/advisories/2007/0583
http://secunia.com/advisories/23232
http://secunia.com/advisories/23205
http://secunia.com/advisories/23950
http://research.eeye.com/html/alerts/zeroday/20061212.html
http://www.milw0rm.com/exploits/2922
http://www.milw0rm.com/sploits/12122006-djtest.doc
http://vil.mcafeesecurity.com/vil/content/v_141056.htm
http://vil.mcafeesecurity.com/vil/content/v_vul27249.htm
http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9005698&intsrc=hm_list
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Microsoft Word 2003 Viewer Any version
Microsoft Office 2000 SP3
Microsoft Office 2003 SP1 ±×¸®°í SP2
Microsoft Office XP SP3
Microsoft Word 2000, 2002, 2003
Microsoft Works Suite 2000, 2002, 2003, 2004, 2005 ±×¸®°í 2006
Microsoft Windows Any version |
| ÇØ°áÃ¥ |
´ÙÀ½ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ® º¸¾È °Ô½Ã¹° MS07-014¸¦ ÂüÁ¶ÇÏ¿© ½Ã½ºÅÛ¿¡ ´ëÇÑ ÀûÀýÇÑ ÆÐÄ¡(929434)¸¦ Àû¿ëÇÑ´Ù:
http://www.microsoft.com/technet/security/bulletin/ms07-014.mspx |
| °ü·Ã URL |
CVE-2006-5994,CVE-2006-6456,CVE-2006-6561,CVE-2007-0208,CVE-2007-0209,CVE-2007-0515 (CVE) |
| °ü·Ã URL |
22477,22482 (SecurityFocus) |
| °ü·Ã URL |
30738,30806,30885,31834,32104,32503 (ISS) |
|
