[NT] Vulnerabilities in Microsoft Works File Converter Allows Code Execution (MS08-011)
- From: SecuriTeam <support@xxxxxxxxxxxxxx>
- Date: 15 Feb 2008 09:06:30 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
Vulnerabilities in Microsoft Works File Converter Allows Code Execution
(MS08-011)
------------------------------------------------------------------------
SUMMARY
This important security update resolves three privately reported
vulnerabilities in the Microsoft Works File Converter. These
vulnerabilities could allow remote code execution if a user opens a
specially crafted Works (.wps) file with an affected version of Microsoft
Office, Microsoft Works, or Microsoft Works Suite. An attacker who
successfully exploited this vulnerability could take complete control of
an affected system. An attacker could then install programs; view, change,
or delete data; or create new accounts with full user rights.
This is an important security update for all supported editions of
Microsoft Works Converter. For more information, see the subsection,
Affected and Non-Affected Software, in this section.
DETAILS
Affected Software
Office Suite and Other Affected Software - Component - Maximum Security
Impact - Aggregate Severity Rating - Bulletins Replaced by this Update
* Microsoft Office 2003 Service Pack 2 - Microsoft Works 6 File Converter
(KB943973) - Remote Code Execution - Moderate - None
* Microsoft Office 2003 Service Pack 3 - Microsoft Works 6 File Converter
(KB943973) - Remote Code Execution - Moderate - None
* Microsoft Works 8.0 - Microsoft Works 6 File Converter (KB943973) -
Remote Code Execution - Important - None
* Microsoft Works Suite 2005 - Microsoft Works 6 File Converter
(KB943973) - Remote Code Execution - Important - None
Non-Affected Software
* Microsoft Works 8.5
* Microsoft Works 9.0
* Microsoft Works Suite 2006
* 2007 Microsoft Office System
* Microsoft Office 2000
* Microsoft Office XP
Microsoft Works File Converter Input Validation Vulnerability -
CVE-2007-0216
A remote code execution vulnerability exists in Microsoft Works File
Converter due to the way that it improperly validates section length
headers with the .wps format. An attacker who successfully exploited this
vulnerability could take complete control of an affected system. An
attacker could then install programs; view, change, or delete data; or
create new accounts.
CVE Information:
<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0216>
CVE-2007-0216
Microsoft Works File Converter Index Table Vulnerability - CVE-2008-0105
A remote code execution vulnerability exists in Microsoft Works File
Converter due to the way that it improperly validates section header index
table information with the .wps file format. An attacker who successfully
exploited this vulnerability could take complete control of an affected
system. An attacker could then install programs; view, change, or delete
data; or create new accounts.
CVE Information:
<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0105>
CVE-2008-0105
Microsoft Works File Converter Field Length Vulnerability - CVE-2008-0108
A remote code execution vulnerability exists in Microsoft Works File
Converter due to the way that it improperly validates various field
lengths information with the .wps file format. An attacker who
successfully exploited this vulnerability could take complete control of
an affected system. An attacker could then install programs; view, change,
or delete data; or create new accounts.
CVE Information:
<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0108>
CVE-2008-0108
ADDITIONAL INFORMATION
The information has been provided by Microsoft Product Security.
The original article can be found at:
<http://www.microsoft.com/technet/security/bulletin/ms08-011.mspx>
http://www.microsoft.com/technet/security/bulletin/ms08-011.mspx
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@xxxxxxxxxxxxxx
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@xxxxxxxxxxxxxx
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Prev by Date: [NT] Vulnerability in OLE Automation Allows Code Execution
- Next by Date: [NT] Cumulative Security Update for Internet Explorer (MS08-010)
- Previous by thread: [NT] Vulnerability in OLE Automation Allows Code Execution
- Next by thread: [NT] Cumulative Security Update for Internet Explorer (MS08-010)
- Index(es):
Relevant Pages
|
