| Ãë¾àÁ¡ID |
50003 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
139,445 |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
SMB |
| »ó¼¼¼³¸í |
ÇØ´ç È£½ºÆ®¿¡´Â 11.6.0.626 ÀÌÀüÀÇ Shockwave PlayerÀÇ ¾î¶² ¹öÀüÀÌ ¼³Ä¡µÇ¾î ÀÖ´Ù. Shockwave Player 11.6.0.626 ÀÌÀüÀÇ ¹öÀüµéÀº ´ÙÀ½°ú °°Àº ´ÙÁßÀÇ Ãë¾àÁ¡ÀÌ Á¸ÀçÇÏ°íÇ÷¯±×ÀÎ ÇüÅ·Π»ç¿ëÇÏ´Â À¥ ºê¶ó¿ìÀú´Â ÀÌ Ãë¾àÁ¡ÀÇ ¿µÇâÀ» ¹Þ´Â´Ù.
- 'Dirapi.dll' ÄÄÆ÷³ÍÆ®¿¡ ´ÙÁß ¸Þ¸ð¸® corruption Ãë¾àÁ¡ÀÌ Á¸ÀçÇØ ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
- Á¤ÀǵÇÁö ¾ÊÀº µðÀÚÀÎ °áÇÔÀ¸·Î ÀÎÇÏ¿© ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
- 'Dirapi.dll' ÄÄÆ÷³ÍÆ®¿¡ ´ÙÁß Á¤¼ö Ãë¾àÁ¡ÀÌ Á¸ÀçÇØ ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
- 'IML32.dll' ÄÄÆ÷³ÍÆ®¿¡ ´ÙÁß ¸Þ¸ð¸® corruption Ãë¾àÁ¡ÀÌ Á¸ÀçÇØ ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
- 'IML32.dll' ÄÄÆ÷³ÍÆ®¿¡ ´ÙÁß ¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡ÀÌ Á¸ÀçÇØ ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
- 'Shockwave3DAsset' ÄÄÆ÷³ÍÆ®¿¡ ´ÙÁß ¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡ÀÌ Á¸ÀçÇØ ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
- Á¤ÀǵÇÁö ¾ÊÀº ´ÙÁß ¸Þ¸ð¸® corruption Ãë¾àÁ¡ÀÌ Á¸ÀçÇØ ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
- 'FLV ASSET Extra' ÄÄÆ÷³ÍÆ®ÀÇ ÀԷ°ª üũ ¿À·ù·Î ÀÎÇÏ¿© ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
- 'CursorAsset x32' ÄÄÆ÷³ÍÆ®ÀÇ Á¤¼ö ¿À¹öÇ÷οì Ãë¾àÁ¡À¸·Î ÀÎÇÏ¿© ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
- Á¤ÀǵÇÁö ¾ÊÀº Á¤¼ö ¿À¹öÇ÷οì Ãë¾àÁ¡À¸·Î ÀÎÇÏ¿© ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
- 'Shockwave 3D Asset x32' ÄÄÆ÷³ÍÆ®ÀÇ Á¤¼ö ¿À¹ö Ç÷οì Ãë¾àÁ¡À¸·Î ÀÎÇÏ¿© ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
- 'Dirapix.dll' ÄÄÆ÷³ÍÆ®ÀÇ ¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡À¸·Î ÀÎÇÏ¿© ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
- Á¤ÀǵÇÁö ¾ÊÀº ¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡À¸·Î ÀÎÇÏ¿© ÀÓÀÇÀÇ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖ´Ù.
* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº Á¡°ËÇϱâ À§ÇÑ È£½ºÆ®·Î ·Î±×ÀÎ ÇÒ ¼ö ÀÖ´Â °ü¸®ÀÚ ±ÇÇÑÀ» °¡Áø °èÁ¤À» ÇÊ¿ä·Î ÇÑ´Ù. ÀÌ·¯ÇÑ Á¶°ÇÀÌ ¾ÈµÇ¸é Á¡°ËÀ» ¼öÇàÇÒ ¼ö ¾øÀ¸¸ç ¸ðµç Ãë¾àÇÑ È£½ºÆ®µé¿¡ ´ëÇؼ °ÅÁþ À½¼º¹ÝÀÀ(False Negative)À» º¸ÀÏ ¼ö ÀÖ´Ù.
* Âü°í »çÀÌÆ®:
http://www.zerodayinitiative.com/advisories/ZDI-11-200/
http://www.zerodayinitiative.com/advisories/ZDI-11-201/
http://www.zerodayinitiative.com/advisories/ZDI-11-202/
http://www.zerodayinitiative.com/advisories/ZDI-11-203/
http://www.zerodayinitiative.com/advisories/ZDI-11-204/
http://www.zerodayinitiative.com/advisories/ZDI-11-205/
http://www.zerodayinitiative.com/advisories/ZDI-11-206/
http://www.zerodayinitiative.com/advisories/ZDI-11-207/
http://www.zerodayinitiative.com/advisories/ZDI-11-208/
http://www.zerodayinitiative.com/advisories/ZDI-11-209/
http://www.zerodayinitiative.com/advisories/ZDI-11-210/
http://www.zerodayinitiative.com/advisories/ZDI-11-211/
http://www.zerodayinitiative.com/advisories/ZDI-11-212/
http://www.zerodayinitiative.com/advisories/ZDI-11-213/
http://www.zerodayinitiative.com/advisories/ZDI-11-214/
http://www.zerodayinitiative.com/advisories/ZDI-11-215/
http://www.zerodayinitiative.com/advisories/ZDI-11-216/
http://www.zerodayinitiative.com/advisories/ZDI-11-217/
http://www.adobe.com/support/security/bulletins/apsb11-17.html
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Shockwave Player 11.6.0.626 ÀÌÀü ¹öÀü
Microsoft Windows Any version |
| ÇØ°áÃ¥ |
Adobe À¥ »çÀÌÆ®ÀÎ http://get.adobe.com/shockwave/ ¿¡¼ ±¸ÇÒ ¼ö ÀÖ´Â Shockwave PlayerÀÇ °¡Àå ÃֽŠ¹öÀü(11.6.0.626 ȤÀº ÀÌÈÄ)À¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù. |
| °ü·Ã URL |
CVE-2011-0317,CVE-2011-0318,CVE-2011-0319,CVE-2011-0320,CVE-2011-0335,CVE-2011-2108,CVE-2011-2109,CVE-2011-2111,CVE-2011-2112,CVE-2011-2113 (CVE) |
| °ü·Ã URL |
48273,48275,48278,48284,48286,48287,48288,48289,48290,48291,48292,48294,48296,48297,48298,48299,48300,48302,48304,48306,48307,48308,48309 (SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
