Latest Post | Last 10 Posts | Archives
Previous Post: McAfee isn’t “McAfee Secure” or “Hacker Safe”
Next Post: Details, details, details… more on the Microsoft flaws from today
Posted in:
A remote code execution vulnerability exists in the way that Microsoft Office handles specially crafted Rich Text Format (.rtf) files. The vulnerability could allow remote code execution if a user opens a specially crafted .rtf file with malformed strings in Word or previews a specially crafted .rtf file with malformed strings in rich text e-mail. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.The Zero Day Initiative gets credit for the find. CVE-2008-1434: Microsoft's update addresses a Word cascading style sheet vulnerability. Microsoft says: "A remote code execution vulnerability exists in the way that Microsoft Word handles specially crafted Word files. The vulnerability could allow remote code execution if a user opens a specially crafted Word file that includes a malformed CSS value." Jun Mao, working with iDefense Labs, gets credit. CVE-2008-0119: Microsoft fixed a vulnerability in Microsoft Publisher. Microsoft says:
A remote code execution vulnerability exists in the way Microsoft Publisher validates object header data. An attacker could exploit the vulnerability by sending a specially crafted Publisher file which could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.Cocoruder of Fortinet Security Research gets credit for the find. Office 2000, 2003, 2007 impacted. CVE-2007-6026: Microsoft patched Windows 2000 Service Pack 4, Windows XP and Windows Server 2003 due to a buffer overrun vulnerability. Microsoft says:
A buffer overrun vulnerability exists in the Microsoft Jet Database Engine (Jet) that could allow remote code execution on an affected system. An attacker could exploit the vulnerability by creating a specially crafted database query and sending it through an application that is using Jet on an affected system. An attacker who successfully exploited this vulnerability could take complete control of an affected system.CERT, ISC/SANS and Aaron Portnoy of TippingPoint DVLabs get credit for reporting the issue. Two moderate vulnerabilities were patched affecting Microsoft Live OneCare, Antigen, Windows Defender and Forefront. CVE-2008-1437: Microsoft says:
A denial of service vulnerability exists in the way that the Microsoft Malware Protection Engine processes specially crafted files. An attacker could exploit the vulnerability by constructing a specially crafted file that could allow denial of service when received by the target computer system and scanned by the Microsoft Malware Protection Engine. An attacker who successfully exploited this vulnerability could cause the Microsoft Malware Protection Engine to stop responding and automatically restart.And CVE-2008-1438: Same vulnerability except this one allows an "attacker who successfully exploited this vulnerability could cause disk-space exhaustion, leading to a denial of service condition and automatic restart."
posted by Larry Dignan
May 13, 2008 @ 10:34 am
Previous Post: McAfee isn’t “McAfee Secure” or “Hacker Safe”
Next Post: Details, details, details… more on the Microsoft flaws from today
WordPress Mobile Edition available at alexking.org.
powered by WordPress.
