Focus on Microsoft
SecurityFocus Microsoft Newsletter #424 Dec 19 2008 04:20PM
Rob Keith (rkeith securityfocus com)
SecurityFocus Microsoft Newsletter #424
----------------------------------------

This issue is sponsored by Purewire

NEW! White Paper:
"Hackers Announce Open Season on Web 2.0 Users and Browsers"

Learn how hackers are exploiting your employees Web surfing to gain entry into your network. Drive-by Downloads, Click Jacking, AJAX, XSS and Browser vulns are just some of the nasty attack methods hackers are coming up with and it's no longer good enough to block known bad URL's.
Download this white paper now to mitigate your online security risks.
http://www.purewire.com/lp/sec

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Time to Exclude Bad ISPs
2.Standing on Other's Shoulders
II. MICROSOFT VULNERABILITY SUMMARY
1. Adobe Flash Player Unspecified Remote Security Vulnerability
2. Mozilla Thunderbird Malformed MIME Message Denial Of Service Vulnerability
3. Microsoft Internet Explorer 'Scripting.FileSystem' Security Bypass Vulnerability
4. Kerio MailServer WebMail Multiple Cross Site Scripting Vulnerabilities
5. Internet Explorer 8 CSS 'expression' Property Cross Site Scripting Filter Bypass Weakness
6. Computer Associates ARCserve Backup 'LDBServer' Remote Code Execution Vulnerability
7. Microsoft Internet Explorer XML Handling Remote Code Execution Vulnerability
8. Microsoft WordPad Text Converter Remote Code Execution Vulnerability
9. Microsoft SQL Server 'sp_replwritetovarbin' Remote Memory Corruption Vulnerability
10. Microsoft Outlook Express Malformed MIME Message Denial Of Service Vulnerability
11. RETIRED: RadASM '.rap' Project File Command Execution Vulnerability
12. Microsoft Windows Media Components ISATAP URL Handling Information Disclosure Vulnerability
13. Microsoft Windows Media Components 'Service Principle Name' Remote Code Execution Vulnerability
14. Microsoft Windows 'search-ms' Protocol Parsing Remote Code Execution Vulnerability
15. Microsoft Windows Saved Search File Handling Remote Code Execution Vulnerability
16. Microsoft Word RTF Malformed Control Word Variant 2 Remote Code Execution Vulnerability
17. Microsoft SharePoint Server Unauthorized Access Vulnerability
18. Microsoft Windows GDI File Size Parameter Heap Overflow Vulnerability
19. Microsoft Windows GDI WMF Integer Overflow Vulnerability
20. Microsoft Excel Name Record Array Remote Code Execution Vulnerability
21. Microsoft Excel Formula Handling Remote Code Execution Vulnerability
22. Microsoft Excel Malformed Object Handling Remote Code Execution Vulnerability
23. Microsoft Charts ActiveX Control Memory Corruption Vulnerability
24. Microsoft Windows Common AVI ActiveX Control File Parsing Buffer Overflow Vulnerability
25. Microsoft Hierarchical FlexGrid ActiveX Control Memory Corruption Vulnerability
26. Microsoft Internet Explorer Navigation Method Remote Code Execution Vulnerability
27. Microsoft Internet Explorer Embedded Object Remote Code Execution Vulnerability
28. Microsoft Word RTF Malformed String Remote Code Execution Vulnerability
29. Microsoft Internet Explorer Deleted Object Access Remote Code Execution Vulnerability
30. Microsoft FlexGrid ActiveX Control Memory Corruption Vulnerability
31. Microsoft DataGrid ActiveX Control Memory Corruption Vulnerability
32. Microsoft Internet Explorer HTML Objects Remote Code Execution Vulnerability
33. Microsoft Word RTF Multiple Drawing Object Tags Remote Code Execution Vulnerability
34. Microsoft Word Malformed Record Value Remote Code Execution Vulnerability
35. Microsoft Word Malformed Value Remote Code Execution Vulnerability
36. Microsoft Word RTF '\do' Drawing Object Remote Heap Memory Corruption Vulnerability
37. Microsoft Word ' FIB' Value Heap Memory Corruption Vulnerability
38. Microsoft Word RTF Polyline/Polygon Integer Overflow Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #423
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Time to Exclude Bad ISPs
By Oliver Day
In recent months, three questionable Internet service providers - EstDomains, Atrivo, and McColo - were effectively taken offline resulting in noticeable drops of malware and spam.
http://www.securityfocus.com/columnists/487

2. Standing on Other's Shoulders
By Chris Wysopal
"If I have seen a little further it is by standing on the shoulders of Giants," Issac Netwon once wrote to describe how he felt that his scientific work was an extension of the work of those who went before him. In the scientific realm it is dishonorable not to credit those upon whose work you build.
http://www.securityfocus.com/columnists/486

II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Adobe Flash Player Unspecified Remote Security Vulnerability
BugTraq ID: 32896
Remote: Yes
Date Published: 2008-12-17
Relevant URL: http://www.securityfocus.com/bid/32896
Summary:
Adobe Flash Player is prone to an unspecified security vulnerability.

Remote attackers may exploit this vulnerability to compromise an affected computer.

No further technical details are currently available. We will update this BID as more information emerges.

This issue affects Flash Player on Linux platforms.

Versions prior to Flash Player 10.0.15.3 and 9.0.152.0 are vulnerable.

2. Mozilla Thunderbird Malformed MIME Message Denial Of Service Vulnerability
BugTraq ID: 32869
Remote: Yes
Date Published: 2008-12-08
Relevant URL: http://www.securityfocus.com/bid/32869
Summary:
Mozilla Thunderbird is prone to a denial-of-service vulnerability because the application fails to properly handle malformed multipart MIME messages.

An attacker can exploit this issue to crash the application during delivery.

3. Microsoft Internet Explorer 'Scripting.FileSystem' Security Bypass Vulnerability
BugTraq ID: 32868
Remote: Yes
Date Published: 2008-12-16
Relevant URL: http://www.securityfocus.com/bid/32868
Summary:
Microsoft Internet Explorer is a web browser available for Microsoft Windows.

The browser is prone to a security-bypass vulnerability because it fails to properly enforce restrictions on script behavior. This issue occurs when the Internet Explorer configuration option 'Initialize and script ActiveX controls not marked safe' is enabled. This option is most likely to be set for the 'Local' or 'Intranet' security zones.

An attacker may be able to download and execute arbitrary code within the context of the application using the ActiveX control (typically Internet Explorer). This may aid in further attacks.

4. Kerio MailServer WebMail Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 32863
Remote: Yes
Date Published: 2008-12-16
Relevant URL: http://www.securityfocus.com/bid/32863
Summary:
Kerio MailServer is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Kerio MailServer 6.6.1 build 7069 for Windows is affected by the issue; other versions may also be vulnerable.

5. Internet Explorer 8 CSS 'expression' Property Cross Site Scripting Filter Bypass Weakness
BugTraq ID: 32780
Remote: Yes
Date Published: 2008-12-11
Relevant URL: http://www.securityfocus.com/bid/32780
Summary:
Microsoft Internet Explorer is a web browser for the Microsoft Windows operating system.

Internet Explorer 8 includes a cross-site-scripting filter that is designed to prevent cross-site-scripting attacks against vulnerable web applications. Attackers may be able to bypass this filter under certain conditions, such as by taking advantage of an existing vulnerability in a web application.

Internet Explorer 8 beta 2 is vulnerable.

6. Computer Associates ARCserve Backup 'LDBServer' Remote Code Execution Vulnerability
BugTraq ID: 32764
Remote: Yes
Date Published: 2008-12-10
Relevant URL: http://www.securityfocus.com/bid/32764
Summary:
Computer Associates ARCserve Backup is prone to a remote code-execution vulnerability.

Successfully exploiting this issue will allow attackers to execute arbitrary code with SYSTEM-level privileges, completely compromising affected computers. Failed exploit attempts will likely crash the affected 'LDBserver' service.

7. Microsoft Internet Explorer XML Handling Remote Code Execution Vulnerability
BugTraq ID: 32721
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32721
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.

NOTE: Symantec has received reports that this issue is being actively exploited in the wild.

8. Microsoft WordPad Text Converter Remote Code Execution Vulnerability
BugTraq ID: 32718
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32718
Summary:
Microsoft WordPad is prone to a remote code-execution vulnerability because of an unspecified error that may result in corrupted memory.

An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may result in denial-of-service conditions.

9. Microsoft SQL Server 'sp_replwritetovarbin' Remote Memory Corruption Vulnerability
BugTraq ID: 32710
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32710
Summary:
Microsoft SQL Server is prone to a remote memory-corruption vulnerability because it fails to properly handle user-supplied input.

Authenticated attackers can exploit this issue to execute arbitrary code and completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.

The issue affects the following:

Microsoft SQL Server 2000
Microsoft SQL Server 2005

10. Microsoft Outlook Express Malformed MIME Message Denial Of Service Vulnerability
BugTraq ID: 32702
Remote: Yes
Date Published: 2008-12-08
Relevant URL: http://www.securityfocus.com/bid/32702
Summary:
Microsoft Outlook Express is prone to a denial-of-service vulnerability because the application fails to properly handle malformed multipart MIME messages.

An attacker can exploit this issue to crash the application during delivery.

11. RETIRED: RadASM '.rap' Project File Command Execution Vulnerability
BugTraq ID: 32687
Remote: Yes
Date Published: 2008-12-08
Relevant URL: http://www.securityfocus.com/bid/32687
Summary:
RadASM is prone to a command-execution vulnerability because it fails to perform adequate checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary commands in the context of the application. This may aid in further attacks.

RadASM 2.2.1.5 is vulnerable; other versions may also be affected.

NOTE: This BID is being retired because it has been determined not to be a vulnerability.

12. Microsoft Windows Media Components ISATAP URL Handling Information Disclosure Vulnerability
BugTraq ID: 32654
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32654
Summary:
Microsoft Windows Media Components is prone to an information-disclosure vulnerability when handling 'ISATAP' (Intra-Site Automatic Tunnel Addressing Protocol) URLs.

An attacker can use this vulnerability to obtain information that may aid in further attacks.

13. Microsoft Windows Media Components 'Service Principle Name' Remote Code Execution Vulnerability
BugTraq ID: 32653
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32653
Summary:
Microsoft Windows Media Components is prone to a remote code-execution vulnerability in the SPN (Service Principle Name) implementation.

A successful exploit of this vulnerability may allow a remote attacker to execute code in the context of the logged-in user.

14. Microsoft Windows 'search-ms' Protocol Parsing Remote Code Execution Vulnerability
BugTraq ID: 32652
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32652
Summary:
Microsoft Windows Explorer is prone to a remote code-execution vulnerability that affects the 'search-ms' protocol handler.

An attacker could exploit this issue by enticing a victim to visit a maliciously crafted website.

Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in user.

This issue affects Windows Vista and Windows Server 2008.

NOTE: Supported editions of Windows Server 2008 are not affected if installed using the Server Core installation option.

15. Microsoft Windows Saved Search File Handling Remote Code Execution Vulnerability
BugTraq ID: 32651
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32651
Summary:
Microsoft Windows is prone to a remote code-execution vulnerability because Windows Explorer fails to correctly free memory when saving the Windows Search saved-search files.

Attackers may exploit this issue by enticing victims into opening and saving a maliciously crafted saved-search file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects Windows Vista and Windows Server 2008.

NOTE: Supported editions of Windows Server 2008 are not affected if installed using the Server Core installation option.

16. Microsoft Word RTF Malformed Control Word Variant 2 Remote Code Execution Vulnerability
BugTraq ID: 32642
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32642
Summary:
Microsoft Word is prone to a remote code-execution vulnerability.

An attacker could exploit this issue by enticing a victim to open a malicious RTF file.

Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in user.

17. Microsoft SharePoint Server Unauthorized Access Vulnerability
BugTraq ID: 32638
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32638
Summary:
Microsoft SharePoint Server is prone to a vulnerability that could let remote attackers gain unauthorized access. A successful exploit will let attackers access certain administrative functions of the SharePoint Server.

18. Microsoft Windows GDI File Size Parameter Heap Overflow Vulnerability
BugTraq ID: 32637
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32637
Summary:
The GDI component of Microsoft Windows is prone to a heap-overflow vulnerability that may be triggered by a malicious WMF (Windows Metafile) image. A successful exploit will let the attacker execute arbitrary code in the context of the currently logged-in user.

19. Microsoft Windows GDI WMF Integer Overflow Vulnerability
BugTraq ID: 32634
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32634
Summary:
The GDI component of Microsoft Windows is prone to an integer-overflow vulnerability that may be triggered by a malicious WMF (Windows Metafile) image. A successful exploit will let the attacker execute arbitrary code in the context of the currently logged-in user.

20. Microsoft Excel Name Record Array Remote Code Execution Vulnerability
BugTraq ID: 32622
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32622
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

21. Microsoft Excel Formula Handling Remote Code Execution Vulnerability
BugTraq ID: 32621
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32621
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

22. Microsoft Excel Malformed Object Handling Remote Code Execution Vulnerability
BugTraq ID: 32618
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32618
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

23. Microsoft Charts ActiveX Control Memory Corruption Vulnerability
BugTraq ID: 32614
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32614
Summary:
Microsoft Charts ActiveX control is prone to a remote memory-corruption vulnerability.

Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.

24. Microsoft Windows Common AVI ActiveX Control File Parsing Buffer Overflow Vulnerability
BugTraq ID: 32613
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32613
Summary:
Microsoft Windows Common AVI ActiveX control is prone to a remote buffer-overflow vulnerability.

Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.

25. Microsoft Hierarchical FlexGrid ActiveX Control Memory Corruption Vulnerability
BugTraq ID: 32612
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32612
Summary:
Microsoft Hierarchical FlexGrid ActiveX control is prone to a remote memory-corruption vulnerability.

Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.

Microsoft Hierarchical FlexGrid Control 6.0.88.4 is vulnerable; other versions may also be affected. The control is bundled with Microsoft Visual Basic 6.0 and Microsoft Visual FoxPro 8.0 SP1 and 9.0 SP 2.

26. Microsoft Internet Explorer Navigation Method Remote Code Execution Vulnerability
BugTraq ID: 32596
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32596
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.

27. Microsoft Internet Explorer Embedded Object Remote Code Execution Vulnerability
BugTraq ID: 32595
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32595
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.

28. Microsoft Word RTF Malformed String Remote Code Execution Vulnerability
BugTraq ID: 32594
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32594
Summary:
Microsoft Word is prone to a remote code-execution vulnerability.

An attacker could exploit this issue by enticing a victim to open a malicious RTF file.

Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in user.

29. Microsoft Internet Explorer Deleted Object Access Remote Code Execution Vulnerability
BugTraq ID: 32593
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32593
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.

30. Microsoft FlexGrid ActiveX Control Memory Corruption Vulnerability
BugTraq ID: 32592
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32592
Summary:
Microsoft FlexGrid ActiveX control is prone to a remote memory-corruption vulnerability.

Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.

31. Microsoft DataGrid ActiveX Control Memory Corruption Vulnerability
BugTraq ID: 32591
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32591
Summary:
Microsoft DataGrid ActiveX control is prone to a remote memory-corruption vulnerability.

Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.

32. Microsoft Internet Explorer HTML Objects Remote Code Execution Vulnerability
BugTraq ID: 32586
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32586
Summary:
Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.

33. Microsoft Word RTF Multiple Drawing Object Tags Remote Code Execution Vulnerability
BugTraq ID: 32585
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32585
Summary:
Microsoft Word is prone to a remote code-execution vulnerability.

An attacker could exploit this issue by enticing a victim to open a malicious RTF file.

Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in user.

34. Microsoft Word Malformed Record Value Remote Code Execution Vulnerability
BugTraq ID: 32584
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32584
Summary:
Microsoft Word is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.

35. Microsoft Word Malformed Value Remote Code Execution Vulnerability
BugTraq ID: 32583
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32583
Summary:
Microsoft Word is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.

36. Microsoft Word RTF '\do' Drawing Object Remote Heap Memory Corruption Vulnerability
BugTraq ID: 32581
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32581
Summary:
Microsoft Word is prone to a remote heap memory-corruption vulnerability.

An attacker could exploit this issue by enticing a victim to open a malicious RTF file.

Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in user.

37. Microsoft Word ' FIB' Value Heap Memory Corruption Vulnerability
BugTraq ID: 32580
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32580
Summary:
Microsoft Word is prone to a heap-based memory-corruption vulnerability.

An attacker can exploit this issue by sending a specially crafted Word file to an unsuspecting user and enticing them to open it with a vulnerable application. A successful exploit will allow attackers to execute arbitrary code within the context of the user running the affected application.

38. Microsoft Word RTF Polyline/Polygon Integer Overflow Vulnerability
BugTraq ID: 32579
Remote: Yes
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32579
Summary:
Microsoft Word is prone to an integer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

An attacker could exploit this issue by enticing a victim to open a malicious RTF file.

Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in user.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #423
http://www.securityfocus.com/archive/88/499173

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Purewire

NEW! White Paper:
"Hackers Announce Open Season on Web 2.0 Users and Browsers"

Learn how hackers are exploiting your employees Web surfing to gain entry into your network. Drive-by Downloads, Click Jacking, AJAX, XSS and Browser vulns are just some of the nasty attack methods hackers are coming up with and it's no longer good enough to block known bad URL's.
Download this white paper now to mitigate your online security risks.
http://www.purewire.com/lp/sec

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus