¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Microsoft Office XP SP3
- Microsoft Office 2003 SP3
- Microsoft Office 2000, XP, 2003 Web Components SP3
- Microsoft Office 2003 Web Components SP1 for 2007 Microsoft Office System
- Microsoft Internet Security and Acceleration Server 2004 Standard Edition SP3
- Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition SP3
- Microsoft Internet Security and Acceleration Server 2006 Standard Edition SP1
- Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition SP1
- Microsoft Biztalk Server 2002
- Microsoft Visual Studio .NET 2003 SP1
- Microsoft Office Small Business Accouting 2006
o ¿µÇâ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- 2007 Microsoft Office Suite SP1, SP2
- Microsoft Office 2004, 2008 for Mac
- Microsoft Office PowerPoint Viewer 2003
- Microsoft Office Word Viewer 2003, SP3
- Microsoft Office Excel Viewer, Excel Viewer 2003, SP3
- Microsoft Office PowerPoint 2007 Viewer, SP1
- Microsoft Internet Security and Accerlation Server 2000 SP2
- Microsoft BizTalk Server 2004, 2006, 2009
- Microsoft Visual Studio 2005, SP1
- Microsoft Visual Studio 2008, SP1
- Microsoft Visual Studio 2010
¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ
¡à ¼³¸í
o Office Web Component Active ÄÁÆ®·Ñ ³» Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà °¡´É ¹®Á¦Á¡
¡Ø Office Web Component(OWC) : MS Office Á¦Ç°±º¿¡¼ ActiveX ÄÁÆ®·Ñ ÇüÅ·ΠÁ¦°øµÇ´Â
OLE ¿ä¼ÒµéÀÇ ±×·ì
o °ø°ÝÀÚ´Â ¾ÇÀÇÀûÀÎ À¥ÆäÀÌÁö¸¦ ±¸¼ºÇÑ ÈÄ À̸ÞÀÏ µîÀ» ÅëÇÏ¿© »ç¿ëÀÚ·Î ÇÏ¿©±Ý ¹æ¹®Çϵµ·Ï
À¯µµÇÔ. °ø°ÝÀÌ ¼º°øÇÏ¸é °ø°ÝÀÚ´Â ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ °¡´É
o °ü·ÃÃë¾àÁ¡ :
- Office Web Components Memory Allocation Vulnerability - CVE-2009-0562
- Office Web Components Heap Corruption Vulnerability - CVE-2009-2496
- Office Web Components HTML Script Vulnerability - CVE-2009-1136
- Office Web Components Buffer Overflow Vulnerability - CVE-2009-1534
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : ±ä±Þ
¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë
¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS09-043.mspx
o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS09-043.mspx
|