Lexa Software: Security-Alerts@yandex-team.ru archive

		Apache-Talk @lexa.ru
		Inet-Admins @info.east.ru
		Filmscanners @halftone.co.uk
		Security-alerts @yandex-team.ru
		nginx-ru @sysoev.ru

СТАТЬИ

ПЕРСОНАЛЬНОЕ

ПРОГРАММЫ

ПИШИТЕ
ПИСЬМА

АРХИВ :: Security-alerts

Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: [SA24152] Microsoft RichEdit OLE Dialog Memory Corruption Vulnerability

To: <security-alerts@xxxxxxxxxxxxxx>
Subject: [security-alerts] FW: [SA24152] Microsoft RichEdit OLE Dialog Memory Corruption Vulnerability
From: "Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>
Date: Wed, 14 Feb 2007 10:13:48 +0300
Content-class: urn:content-classes:message
List-archive: <http://www.lexa.ru/security-alerts/> (Web Archive)
List-id: <security-alerts.yandex-team.ru>
List-subscribe: <mailto:majordomo@yandex-team.ru?body=subscribe%20security-alerts>
List-unsubscribe: <mailto:majordomo@yandex-team.ru?body=unsubscribe%20security-alerts>
Thread-index: AcdPvC+1/8egnI4yRpiJ0xHwxcbEZQAS2/2g
Thread-topic: [SA24152] Microsoft RichEdit OLE Dialog Memory Corruption Vulnerability

> ----------------------------------------------------------------------
> 
> TITLE:
> Microsoft RichEdit OLE Dialog Memory Corruption Vulnerability
> 
> SECUNIA ADVISORY ID:
> SA24152
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/24152/
> 
> CRITICAL:
> Moderately critical
> 
> IMPACT:
> System access
> 
> WHERE:
> From remote
> 
> OPERATING SYSTEM:
> Microsoft Windows 2000 Advanced Server
> http://secunia.com/product/21/
> Microsoft Windows 2000 Datacenter Server
> http://secunia.com/product/1177/
> Microsoft Windows 2000 Professional
> http://secunia.com/product/1/
> Microsoft Windows 2000 Server
> http://secunia.com/product/20/
> Microsoft Windows Server 2003 Datacenter Edition
> http://secunia.com/product/1175/
> Microsoft Windows Server 2003 Enterprise Edition
> http://secunia.com/product/1174/
> Microsoft Windows Server 2003 Standard Edition
> http://secunia.com/product/1173/
> Microsoft Windows Server 2003 Web Edition
> http://secunia.com/product/1176/
> Microsoft Windows Storage Server 2003
> http://secunia.com/product/12399/
> Microsoft Windows XP Home Edition
> http://secunia.com/product/16/
> Microsoft Windows XP Professional
> http://secunia.com/product/22/
> 
> SOFTWARE:
> Microsoft Access 2000
> http://secunia.com/product/36/
> Microsoft Access 2002
> http://secunia.com/product/35/
> Microsoft Access 2003
> http://secunia.com/product/4904/
> Microsoft Excel 2000
> http://secunia.com/product/3054/
> Microsoft Excel 2002
> http://secunia.com/product/4043/
> Microsoft Excel 2003
> http://secunia.com/product/4970/
> Microsoft Frontpage 2000
> http://secunia.com/product/27/
> Microsoft Frontpage 2002
> http://secunia.com/product/26/
> Microsoft Frontpage 2003
> http://secunia.com/product/6997/
> Microsoft InfoPath 2003
> http://secunia.com/product/6463/
> Microsoft Office 2000
> http://secunia.com/product/24/
> Microsoft Office 2003 Professional Edition
> http://secunia.com/product/2276/
> Microsoft Office 2003 Proofing Tools
> http://secunia.com/product/7426/
> Microsoft Visio 2003
> http://secunia.com/product/1092/
> Microsoft OneNote 2003
> http://secunia.com/product/7140/
> Microsoft Outlook 2000
> http://secunia.com/product/33/
> Microsoft Outlook 2002
> http://secunia.com/product/34/
> Microsoft Outlook 2003
> http://secunia.com/product/3292/
> Microsoft Word 2003 Viewer
> http://secunia.com/product/5523/
> Microsoft Word 2003
> http://secunia.com/product/4908/
> Microsoft Word 2002
> http://secunia.com/product/2150/
> Microsoft Word 2000
> http://secunia.com/product/2149/
> Microsoft Visio 2002
> http://secunia.com/product/1091/
> Microsoft Project 2002
> http://secunia.com/product/157/
> Microsoft Project 2003
> http://secunia.com/product/3170/
> Microsoft Publisher 2000
> http://secunia.com/product/29/
> Microsoft Publisher 2002
> http://secunia.com/product/30/
> Microsoft Publisher 2003
> http://secunia.com/product/10986/
> Microsoft Office 2004 for Mac
> http://secunia.com/product/8713/
> 
> DESCRIPTION:
> A vulnerability has been reported in Microsoft Windows and Microsoft
> Office, which can be exploited by malicious people to compromise a
> users system.
> 
> The vulnerability is caused due to an error in RichEdit components
> handling of OLE objects in RTF (Rich Text Format) files. This can be
> exploited to cause a memory corruption by e.g. tricking a user into
> opening a malicious RTF document using a Microsoft Office application
> and interact with a specially crafted, embedded OLE object.
> 
> SOLUTION:
> Apply patches.
> 
> Microsoft Windows 2000 Service Pack 4:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=0b0b1
> 3d3-b2fb-4cf4-8ee1-51871d39eecd
> 
> Microsoft Windows XP Service Pack 2:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=31594
> 28d-7212-4bf0-9699-3dbae5db6ca1
> 
> Microsoft Windows XP Professional x64 Edition:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=daf2f
> 7ac-20b4-4ec9-9467-2ddd4fc493d6
> 
> Microsoft Windows Server 2003 (with or without SP1):
> http://www.microsoft.com/downloads/details.aspx?FamilyId=2e8d2
> 355-d5c5-406d-9322-5fe1b2134d2f
> 
> Microsoft Windows Server 2003 for Itanium-based Systems (with or
> without SP1):
> http://www.microsoft.com/downloads/details.aspx?FamilyId=ed6dd
> 20f-4c0b-48f7-a1f9-613265506835
> 
> Microsoft Windows Server 2003 x64 Edition:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=3b6ee
> 258-b636-455b-8833-74dea6269e24
> 
> Microsoft Office 2000 Service Pack 3:
> (KB920906)
> http://www.microsoft.com/downloads/details.aspx?FamilyID=2FF67
> E78-2A08-45C9-A7AC-09678D060439
> 
> Microsoft Office XP Service Pack 3:
> (KB920816)
> http://www.microsoft.com/downloads/details.aspx?FamilyId=85C51
> 62C-FC35-40B4-AD04-ADD247950423
> 
> Microsoft Office 2003 Service Pack 2:
> (KB920813)
> http://www.microsoft.com/downloads/details.aspx?FamilyId=6C3BC
> AB8-0C99-4BE6-8DE7-71D463473A4A
> 
> Microsoft Project 2000 Service Release 1:
> (KB920906)
> http://www.microsoft.com/downloads/details.aspx?FamilyId=019B1
> 1FC-00B8-451C-AB3C-772780D4C46A
> 
> Microsoft Office 2000 Multilanguage Packs:
> (KB920906)
> http://www.microsoft.com/downloads/details.aspx?FamilyID=B5A08
> 7F8-74D2-4184-9986-23AB3C4EF7F2
> 
> Microsoft Project 2002 Service Pack 1:
> (KB920816)
> http://www.microsoft.com/downloads/details.aspx?FamilyId=D162C
> 366-C5E7-4850-B773-1FE669FAEEAF
> 
> Microsoft Visio 2002 Service Pack 2:
> (KB920816)
> http://www.microsoft.com/downloads/details.aspx?FamilyId=B4D2E
> 182-0997-46BC-94AC-B4B0A523C51C
> 
> Microsoft Learning Essentials 1.0, 1.1, and 1.5 for Microsoft
> Office:
> (KB929437)
> http://www.microsoft.com/downloads/details.aspx?FamilyId=6215B
> D5B-1CB3-4FED-B08C-C31A88A75EBD
> 
> Microsoft Global Input Method Editor for Office 2000 (Japanese):
> (KB920906)
> http://www.microsoft.com/downloads/details.aspx?FamilyID=2FF67
> E78-2A08-45C9-A7AC-09678D060439
> 
> Microsoft Office 2004 for Mac:
> (KB932185)
> http://www.microsoft.com/mac/
> 
> PROVIDED AND/OR DISCOVERED BY:
> The vendor credits:
> * Kostya Kortchinsky of Immunity, Inc.
> * Fabrice Desclaux of EADS Common Research Center.
> 
> ORIGINAL ADVISORY:
> MS07-013 (KB918118):
> http://www.microsoft.com/technet/security/Bulletin/MS07-013.mspx
>

Prev by Date: [security-alerts] FW: [SA24147] Microsoft Windows OLE Dialog Memory Corruption Vulnerability
Next by Date: [security-alerts] FW: Korean Web Sites Infect 92,000 PCs with Malware
Previous by thread: [security-alerts] FW: [SA24147] Microsoft Windows OLE Dialog Memory Corruption Vulnerability
Next by thread: [security-alerts] FW: Korean Web Sites Infect 92,000 PCs with Malware
Index(es):
- Date
- Thread