Security-Alerts mailing list archive (security-alerts@yandex-team.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[security-alerts] FW: [SA24152] Microsoft RichEdit OLE Dialog Memory Corruption Vulnerability
> ----------------------------------------------------------------------
>
> TITLE:
> Microsoft RichEdit OLE Dialog Memory Corruption Vulnerability
>
> SECUNIA ADVISORY ID:
> SA24152
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/24152/
>
> CRITICAL:
> Moderately critical
>
> IMPACT:
> System access
>
> WHERE:
> From remote
>
> OPERATING SYSTEM:
> Microsoft Windows 2000 Advanced Server
> http://secunia.com/product/21/
> Microsoft Windows 2000 Datacenter Server
> http://secunia.com/product/1177/
> Microsoft Windows 2000 Professional
> http://secunia.com/product/1/
> Microsoft Windows 2000 Server
> http://secunia.com/product/20/
> Microsoft Windows Server 2003 Datacenter Edition
> http://secunia.com/product/1175/
> Microsoft Windows Server 2003 Enterprise Edition
> http://secunia.com/product/1174/
> Microsoft Windows Server 2003 Standard Edition
> http://secunia.com/product/1173/
> Microsoft Windows Server 2003 Web Edition
> http://secunia.com/product/1176/
> Microsoft Windows Storage Server 2003
> http://secunia.com/product/12399/
> Microsoft Windows XP Home Edition
> http://secunia.com/product/16/
> Microsoft Windows XP Professional
> http://secunia.com/product/22/
>
> SOFTWARE:
> Microsoft Access 2000
> http://secunia.com/product/36/
> Microsoft Access 2002
> http://secunia.com/product/35/
> Microsoft Access 2003
> http://secunia.com/product/4904/
> Microsoft Excel 2000
> http://secunia.com/product/3054/
> Microsoft Excel 2002
> http://secunia.com/product/4043/
> Microsoft Excel 2003
> http://secunia.com/product/4970/
> Microsoft Frontpage 2000
> http://secunia.com/product/27/
> Microsoft Frontpage 2002
> http://secunia.com/product/26/
> Microsoft Frontpage 2003
> http://secunia.com/product/6997/
> Microsoft InfoPath 2003
> http://secunia.com/product/6463/
> Microsoft Office 2000
> http://secunia.com/product/24/
> Microsoft Office 2003 Professional Edition
> http://secunia.com/product/2276/
> Microsoft Office 2003 Proofing Tools
> http://secunia.com/product/7426/
> Microsoft Visio 2003
> http://secunia.com/product/1092/
> Microsoft OneNote 2003
> http://secunia.com/product/7140/
> Microsoft Outlook 2000
> http://secunia.com/product/33/
> Microsoft Outlook 2002
> http://secunia.com/product/34/
> Microsoft Outlook 2003
> http://secunia.com/product/3292/
> Microsoft Word 2003 Viewer
> http://secunia.com/product/5523/
> Microsoft Word 2003
> http://secunia.com/product/4908/
> Microsoft Word 2002
> http://secunia.com/product/2150/
> Microsoft Word 2000
> http://secunia.com/product/2149/
> Microsoft Visio 2002
> http://secunia.com/product/1091/
> Microsoft Project 2002
> http://secunia.com/product/157/
> Microsoft Project 2003
> http://secunia.com/product/3170/
> Microsoft Publisher 2000
> http://secunia.com/product/29/
> Microsoft Publisher 2002
> http://secunia.com/product/30/
> Microsoft Publisher 2003
> http://secunia.com/product/10986/
> Microsoft Office 2004 for Mac
> http://secunia.com/product/8713/
>
> DESCRIPTION:
> A vulnerability has been reported in Microsoft Windows and Microsoft
> Office, which can be exploited by malicious people to compromise a
> users system.
>
> The vulnerability is caused due to an error in RichEdit components
> handling of OLE objects in RTF (Rich Text Format) files. This can be
> exploited to cause a memory corruption by e.g. tricking a user into
> opening a malicious RTF document using a Microsoft Office application
> and interact with a specially crafted, embedded OLE object.
>
> SOLUTION:
> Apply patches.
>
> Microsoft Windows 2000 Service Pack 4:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=0b0b1
> 3d3-b2fb-4cf4-8ee1-51871d39eecd
>
> Microsoft Windows XP Service Pack 2:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=31594
> 28d-7212-4bf0-9699-3dbae5db6ca1
>
> Microsoft Windows XP Professional x64 Edition:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=daf2f
> 7ac-20b4-4ec9-9467-2ddd4fc493d6
>
> Microsoft Windows Server 2003 (with or without SP1):
> http://www.microsoft.com/downloads/details.aspx?FamilyId=2e8d2
> 355-d5c5-406d-9322-5fe1b2134d2f
>
> Microsoft Windows Server 2003 for Itanium-based Systems (with or
> without SP1):
> http://www.microsoft.com/downloads/details.aspx?FamilyId=ed6dd
> 20f-4c0b-48f7-a1f9-613265506835
>
> Microsoft Windows Server 2003 x64 Edition:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=3b6ee
> 258-b636-455b-8833-74dea6269e24
>
> Microsoft Office 2000 Service Pack 3:
> (KB920906)
> http://www.microsoft.com/downloads/details.aspx?FamilyID=2FF67
> E78-2A08-45C9-A7AC-09678D060439
>
> Microsoft Office XP Service Pack 3:
> (KB920816)
> http://www.microsoft.com/downloads/details.aspx?FamilyId=85C51
> 62C-FC35-40B4-AD04-ADD247950423
>
> Microsoft Office 2003 Service Pack 2:
> (KB920813)
> http://www.microsoft.com/downloads/details.aspx?FamilyId=6C3BC
> AB8-0C99-4BE6-8DE7-71D463473A4A
>
> Microsoft Project 2000 Service Release 1:
> (KB920906)
> http://www.microsoft.com/downloads/details.aspx?FamilyId=019B1
> 1FC-00B8-451C-AB3C-772780D4C46A
>
> Microsoft Office 2000 Multilanguage Packs:
> (KB920906)
> http://www.microsoft.com/downloads/details.aspx?FamilyID=B5A08
> 7F8-74D2-4184-9986-23AB3C4EF7F2
>
> Microsoft Project 2002 Service Pack 1:
> (KB920816)
> http://www.microsoft.com/downloads/details.aspx?FamilyId=D162C
> 366-C5E7-4850-B773-1FE669FAEEAF
>
> Microsoft Visio 2002 Service Pack 2:
> (KB920816)
> http://www.microsoft.com/downloads/details.aspx?FamilyId=B4D2E
> 182-0997-46BC-94AC-B4B0A523C51C
>
> Microsoft Learning Essentials 1.0, 1.1, and 1.5 for Microsoft
> Office:
> (KB929437)
> http://www.microsoft.com/downloads/details.aspx?FamilyId=6215B
> D5B-1CB3-4FED-B08C-C31A88A75EBD
>
> Microsoft Global Input Method Editor for Office 2000 (Japanese):
> (KB920906)
> http://www.microsoft.com/downloads/details.aspx?FamilyID=2FF67
> E78-2A08-45C9-A7AC-09678D060439
>
> Microsoft Office 2004 for Mac:
> (KB932185)
> http://www.microsoft.com/mac/
>
> PROVIDED AND/OR DISCOVERED BY:
> The vendor credits:
> * Kostya Kortchinsky of Immunity, Inc.
> * Fabrice Desclaux of EADS Common Research Center.
>
> ORIGINAL ADVISORY:
> MS07-013 (KB918118):
> http://www.microsoft.com/technet/security/Bulletin/MS07-013.mspx
>
|