摘要
ActiveX漏洞是一种常见的漏洞,其近年来又有回升的趋势。由于ActiveX控件通常与IE浏览器结合使用,使得ActiveX漏洞几乎等同于IE本身的漏洞,因此其危害性极大。通过细致分析UUSee网络电视UUPlayer.ocx控件缓冲区溢出漏洞,剖析了ActiveX溢出漏洞的形成原因,然后基于开发者和终端用户的角度,总结出了有效针对ActiveX控件漏洞的安全防御策略。
ActiveX vulnerabilities are common vulnerabilities, which has a rebounding trend in recent years. As ActiveX controls are often used in combination with IE, ActiveX flaws are almost equivalent to vulnerabilities of IE, resulting their big harm. In this paper, a detailed analysis of UUPlayer.ocx control buffer overflow vulnerability of UUSee network television analyses the causes of the ActiveX buffer-overflow vulnerability, and then from the developers and end-user point of view, summed up effective defense strategies for ActiveX controls vulnerabilities.
出处
《微型机与应用》
2012年第4期60-63,共4页
Microcomputer & Its Applications