| ActiveX漏洞分析与防御策略研究 |
| |
| 引用本文: | 贺才良,周安民,刘亮.ActiveX漏洞分析与防御策略研究[J].微型机与应用,2012,31(4):60-63. |
| |
| 作者姓名: | 贺才良 周安民 刘亮 |
| |
| 作者单位: | 四川大学信息安全研究所,四川成都,610064 |
| |
| 摘 要: | ActiveX漏洞是一种常见的漏洞,其近年来又有回升的趋势。由于ActiveX控件通常与IE浏览器结合使用,使得ActiveX漏洞几乎等同于IE本身的漏洞,因此其危害性极大。通过细致分析UUSee网络电视UUPlayer.ocx控件缓冲区溢出漏洞,剖析了ActiveX溢出漏洞的形成原因,然后基于开发者和终端用户的角度,总结出了有效针对ActiveX控件漏洞的安全防御策略。
|
| 关 键 词: | ActiveX控件 溢出 攻击 防御 |
ActiveX vulnerabil!ty analysis and defense strategy |
| |
| He Cailiang,Zhou Anmin,Liu Liang.ActiveX vulnerabil!ty analysis and defense strategy[J].Microcomputer & its Applications,2012,31(4):60-63. |
| |
| Authors: | He Cailiang Zhou Anmin Liu Liang |
| |
| Affiliation: | (Institute of Information Security,Sichuan University,Chengdu 610064,China) |
| |
| Abstract: | ActiveX vulnerabilities are common vulnerabilities,which has a rebounding trend in recent years.As ActiveX controls are often used in combination with IE,ActiveX flaws are almost equivalent to vulnerabilities of IE,resulting their big harm.In this paper,a detailed analysis of UUPlayer.ocx control buffer overflow vulnerability of UUSee network television analyses the causes of the ActiveX buffer-overflow vulnerability,and then from the developers and end-user point of view,summed up effective defense strategies for ActiveX controls vulnerabilities. |
| |
| Keywords: | ActiveX control overflow attack defense |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
