easyHDR Pro 多个缓冲区溢出漏洞

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接： Sun Solaris 10.0 Sun 145455-01 http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -140455-01-1 Debian Linux 4.0 powerpc Debian vnc4-common_4.1.1+X4.3.0-21+etch1_powerpc.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_powerpc.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_powerpc.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_powerpc.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_powerpc.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_powerpc.deb Sun Solaris 10.0_x86 Sun 140456-01 http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -140456-01-1 Debian Linux 4.0 amd64 Debian vnc4-common_4.1.1+X4.3.0-21+etch1_amd64.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_amd64.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_amd64.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_amd64.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_amd64.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_amd64.deb Debian Linux 4.0 ia-32 Debian vnc4-common_4.1.1+X4.3.0-21+etch1_i386.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_i386.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_i386.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_i386.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_i386.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_i386.deb Debian Linux 4.0 hppa Debian vnc4-common_4.1.1+X4.3.0-21+etch1_hppa.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_hppa.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_hppa.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_hppa.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_hppa.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_hppa.deb Debian Linux 4.0 sparc Debian vnc4-common_4.1.1+X4.3.0-21+etch1_sparc.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_sparc.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_sparc.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_sparc.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_sparc.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_sparc.deb Debian Linux 4.0 s/390 Debian vnc4-common_4.1.1+X4.3.0-21+etch1_s390.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_s390.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_s390.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_s390.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_s390.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_s390.deb Debian Linux 4.0 alpha Debian vnc4-common_4.1.1+X4.3.0-21+etch1_alpha.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_alpha.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_alpha.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_alpha.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_alpha.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_alpha.deb Debian Linux 4.0 mipsel Debian vnc4-common_4.1.1+X4.3.0-21+etch1_mipsel.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_mipsel.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_mipsel.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_mipsel.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_mipsel.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_mipsel.deb Debian Linux 4.0 ia-64 Debian vnc4-common_4.1.1+X4.3.0-21+etch1_ia64.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_ia64.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_ia64.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_ia64.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_ia64.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_ia64.deb Debian Linux 4.0 mips Debian vnc4-common_4.1.1+X4.3.0-21+etch1_mips.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4-common_4.1.1+ X4.3.0-21+etch1_mips.deb Debian vnc4server_4.1.1+X4.3.0-21+etch1_mips.deb http://security.debian.org/pool/updates/main/v/vnc4/vnc4server_4.1.1+X 4.3.0-21+etch1_mips.deb Debian xvnc4viewer_4.1.1+X4.3.0-21+etch1_mips.deb http://security.debian.org/pool/updates/main/v/vnc4/xvnc4viewer_4.1.1+ X4.3.0-21+etch1_mips.deb

来源: XF 名称: easyhdrpro-hdr-bo(48119) 链接:http://xforce.iss.net/xforce/xfdb/48119 来源: BID 名称: 33363 链接:http://www.securityfocus.com/bid/33363 来源: BUGTRAQ 名称: 20090120 Secunia Research: EasyHDR Pro Radiance RGBE Buffer Overflow 链接:http://www.securityfocus.com/archive/1/archive/1/500192/100/0/threaded 来源: VUPEN 名称: ADV-2009-0190 链接:http://www.frsirt.com/english/advisories/2009/0190 来源: SREASON 名称: 4941 链接:http://securityreason.com/securityalert/4941 来源: MISC 链接:http://secunia.com/secunia_research/2008-61/ 来源: SECUNIA 名称: 33468 链接:http://secunia.com/advisories/33468 来源: OSVDB 名称: 51609 链接:http://osvdb.org/51609 来源: easyhdr.com 链接:http://easyhdr.com/version.php