Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows user-assisted remote attackers to execute arbitrary code via a modified (1) Portable Executable (PE) or (2) cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "WinVerifyTrust Signature Validation Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows 程序'WinVerifyTrust'远程代码执行漏洞
Vulnerability Description
Windows Authenticode Signature Verification功能也称为WinVerifyTrust,用于对指定的对象执行信任验证操作。 Microsoft Windows认证签名验证中程序'WinVerifyTrust'存在远程代码执行漏洞。Windows Authenticode Signature Verification功能在处理PE和cabinet文件格式的某些文件digest字段时存在错误。匿名攻击者可以通过修改已有的签名可执行文件以篡改签名文件的未验证部分来利用此漏洞
CVSS Information
N/A
Vulnerability Type
N/A