
Computer Engineering (计算机工程) ›› 2008, Vol. 34 ›› Issue (17): 180-182. doi: 10.3969/j.issn.1000-3428.2008.17.064

• Security Technology •


Analysis and Exploitation of MS07-017 Animated Cursor Handling Vulnerability

LI Pin1, JIANG Jie-xin2   

  (1. College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003; 2. College of Computer Science and Engineering, Southeast University, Nanjing 210018)
  • Received: 1900-01-01 Revised: 1900-01-01 Online: 2008-09-05 Published: 2008-09-05

Abstract (Chinese version): Buffer overflow attacks have become the main cause of computer security problems; the MS07-017 animated cursor handling vulnerability published by Microsoft is a stack overflow vulnerability rated "critical". This paper studies the principles and exploitation methods of buffer overflows in Win32 operating systems, takes the animated cursor handling vulnerability from the MS07-017 security bulletin as an example, analyzes the cause of the vulnerability, discusses the general method of writing shellcode, and implements a generator for malicious .ani animated cursor files.

Keywords (Chinese version): buffer overflow, MS07-017 security bulletin, animated cursor handling vulnerability

Abstract: Buffer overflow attacks have become the main cause of computer security incidents. The MS07-017 animated cursor handling vulnerability published by Microsoft is a stack overflow vulnerability rated as critical. This paper focuses on the principles and exploitation of buffer overflows on the Win32 platform, taking the MS07-017 animated cursor handling vulnerability as an example to demonstrate the concepts. An in-depth analysis of the vulnerability shows how it occurs, and the general method of writing the shellcode is discussed. A malformed animated cursor file generator is coded to validate the analysis.
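The stack overflow the abstract refers to arises while parsing the RIFF chunks of a .ani file, where a chunk's declared length was trusted before being copied into a fixed-size header buffer; the following defender-side structural check for animated cursor files is an added example, not the paper's generator, and assumes the fixed 36-byte anih header that a well-formed file carries.

```python
import struct

ANIH_EXPECTED_SIZE = 36  # size of the fixed anih header in a well-formed .ani file


def _walk(data, offset, end, findings):
    """Walk RIFF sub-chunks in data[offset:end], recording structural problems."""
    while offset + 8 <= end:
        fourcc, size = struct.unpack_from('<4sI', data, offset)
        start = offset + 8
        if size > end - start:  # declared length exceeds the bytes actually present
            findings.append(f"chunk {fourcc.decode('latin-1')} declares {size} bytes, "
                            f"only {end - start} remain")
            return
        if fourcc == b'anih' and size != ANIH_EXPECTED_SIZE:
            findings.append(f"anih chunk is {size} bytes, expected {ANIH_EXPECTED_SIZE}")
        elif fourcc == b'LIST' and size >= 4:
            _walk(data, start + 4, start + size, findings)  # skip the 4-byte list type
        offset = start + size + (size & 1)  # RIFF pads odd-sized chunks to even length


def check_ani(data):
    """Return a list of findings for an animated cursor; an empty list means structurally sane."""
    findings = []
    if len(data) < 12 or data[:4] != b'RIFF' or data[8:12] != b'ACON':
        return ["not a RIFF/ACON animated cursor"]
    riff_size = struct.unpack_from('<I', data, 4)[0]
    end = min(8 + riff_size, len(data))
    _walk(data, 12, end, findings)
    return findings


def _chunk(fourcc, payload):
    """Encode one RIFF chunk (helper for the constructed samples below)."""
    pad = b'\0' if len(payload) & 1 else b''
    return fourcc + struct.pack('<I', len(payload)) + payload + pad


def _ani(*chunks):
    body = b'ACON' + b''.join(chunks)
    return b'RIFF' + struct.pack('<I', len(body)) + body


# Constructed samples: a well-formed header, and one carrying a second, oversized anih chunk.
GOOD_ANI = _ani(_chunk(b'anih', b'\0' * ANIH_EXPECTED_SIZE))
BAD_ANI = _ani(_chunk(b'anih', b'\0' * ANIH_EXPECTED_SIZE),
               _chunk(b'anih', b'\0' * 200))

if __name__ == '__main__':
    print(check_ani(GOOD_ANI))  # []
    print(check_ani(BAD_ANI))   # ['anih chunk is 200 bytes, expected 36']
```

The same walk also refuses a chunk whose declared size runs past the end of the file, which is the other malformed input a loader must not trust.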

Key words: buffer overflow, MS07-017 security announcement, animated cursor handling vulnerability

CLC number: