[Full-Disclosure] Fw: warning

From: Thor Larholm (full-disclosure@lists.netsys.com)
Date: 07/30/02


From: full-disclosure@lists.netsys.com (Thor Larholm)
Date: Tue, 30 Jul 2002 17:52:10 +0200


----- Original Message -----
From: "Thor Larholm" <thor@pivx.com>
To: <guninski@guninski.com>; <NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>;
<bugtraq@securityfocus.com>
Sent: Tuesday, July 30, 2002 5:22 PM
Subject: RE: warning

> If your vulnerability deals with the "Office Web Components" then no
warning
> should be necessary at this point, since Microsoft already yanked the OWC
> downloads (both OWC 9 and 10) from their download pages back in April when
> GreyMagic Software uncovered several vulnerabilities in them.
>
> From their download page (
> http://office.microsoft.com/downloads/2002/owc10.aspx ):
> "Microsoft has temporarily removed the Office Web Components while we
> conduct an investigation of potential security vulnerabilities. At the
> completion of our investigation, the OWC will be reposted. Thank you for
> your patience."
>
> Appareantly, researching these vulnerabilities must be very hard on MS
> (despite their simplicity) since this has been so for a quarter of a year
by
> now. The vulns that triggered this action:
>
> http://sec.greymagic.com/adv/gm005-ie/
> http://sec.greymagic.com/adv/gm006-ie/
> http://sec.greymagic.com/adv/gm007-ie/
> http://sec.greymagic.com/adv/gm008-ie/
>
> And again, these are still unpatched together with the total of 21
publicly
> known unpatched vulnerabilities currently found in IE:
>
> http://www.pivx.com/larholm/unpatched/
>
> Of course, if you have installed Office by itself then you probably
already
> have OWC installed. Luckily this can be uninstalled separately by going to
>
> ControlPanel - Add/Remove programs - Office - Change - Office Tools -
> Office Web Components.
>
> If a system administrator installed OWC from a network share, then OWC
will
> be silently re-installed when used again - in which case you are out of
> luck.
>
> If your vulnerability did not deal with OWC, then apologize my intrusion
and
> let me guess on a Content-Type/Content-Disposition variant - though your
> suggested workaround would make no sense then :)
>
>
> Regards
> Thor Larholm, Security Researcher
> PivX Solutions, LLC
>
> Are You Secure?
> http://www.PivX.com
>
> -----Original Message-----
> From: Georgi Guninski [mailto:guninski@GUNINSKI.COM]
> Sent: 30. juli 2002 16:36
> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
> Subject: warning
>
>
> Consider this a warning, full details to come soon.
> windows + ie 6.0 + office xp may get owned by visiting a web page.
> workaround/solution: disable "activex and plugins" until someone produce a
> patch.
> After this warning, don't whine about responsibity issues - first check
> microsoft's responsiblity in "help -> about"
>
> Georgi Guninski
> http://www.guninski.com
>