Microsoft Office Multiple Code Execution Vulnerabilities

Posted on Wednesday, October 11, 2006 @ 02:19:07 CDT in Security
by Raven

SECUNIA ADVISORY ID: SA22339

VERIFY ADVISORY: http://secunia.com/advisories/22339/

CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

DESCRIPTION: Multiple vulnerabilities have been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.

SOFTWARE:
Microsoft Word 2003 Viewer - http://secunia.com/product/5523/
Microsoft Word 2003 - http://secunia.com/product/4908/
Microsoft Word 2002 - http://secunia.com/product/2150/
Microsoft Word 2000 - http://secunia.com/product/2149/
Microsoft Visio 2003 - http://secunia.com/product/1092/
Microsoft Visio 2002 - http://secunia.com/product/1091/
Microsoft Publisher 2003 - http://secunia.com/product/10986/
Microsoft Publisher 2002 - http://secunia.com/product/30/
Microsoft Publisher 2000 - http://secunia.com/product/29/
Microsoft Project 2003 - http://secunia.com/product/3170/
Microsoft Project 2002 - http://secunia.com/product/157/
Microsoft Project 2000 - http://secunia.com/product/158/
Microsoft Powerpoint 2003 - http://secunia.com/product/5274/
Microsoft PowerPoint 2002 - http://secunia.com/product/2223/
Microsoft PowerPoint 2000 - http://secunia.com/product/3052/
Microsoft Outlook 2003 - http://secunia.com/product/3292/
Microsoft Outlook 2002 - http://secunia.com/product/34/
Microsoft Outlook 2000 - http://secunia.com/product/33/
Microsoft OneNote 2003 - http://secunia.com/product/7140/
Microsoft Office XP - http://secunia.com/product/23/
Microsoft Office X for Mac - http://secunia.com/product/2610/
Microsoft Office 2004 for Mac - http://secunia.com/product/8713/
Microsoft Office 2003 Student and Teacher Edition - http://secunia.com/product/2278/
Microsoft Office 2003 Standard Edition - http://secunia.com/product/2275/
Microsoft Office 2003 Small Business Edition - http://secunia.com/product/2277/
Microsoft Office 2003 Professional Edition - http://secunia.com/product/2276/
Microsoft Office 2000 - http://secunia.com/product/24/
Microsoft InfoPath 2003 - http://secunia.com/product/6463/
Microsoft Access 2000 - http://secunia.com/product/36/
Microsoft Access 2002 - http://secunia.com/product/35/
Microsoft Access 2003 - http://secunia.com/product/4904/
Microsoft Excel 2000 - http://secunia.com/product/3054/
Microsoft Excel 2002 - http://secunia.com/product/4043/
Microsoft Excel 2003 - http://secunia.com/product/4970/
Microsoft Excel Viewer 2003 - http://secunia.com/product/7700/
Microsoft Frontpage 2000 - http://secunia.com/product/27/
Microsoft Frontpage 2002 - http://secunia.com/product/26/
Microsoft Frontpage 2003 - http://secunia.com/product/6997/

DESCRIPTION: Multiple vulnerabilities have been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.

1) An unspecified boundary error within the parsing of certain strings can be exploited to cause a buffer overflow via a specially crafted Office document.

2) A boundary error when parsing chart records can be exploited to cause a buffer overflow via a specially crafted Office document.

3) An unspecified boundary error when parsing certain records can be exploited to cause a buffer overflow via a specially crafted Office document.

4) A boundary error within the parsing of Smart Tags can be exploited to cause a buffer overflow via a specially crafted Office document.

Successful exploitation of the vulnerabilities allows execution of arbitrary code.

SOLUTION: Apply patches.

Microsoft Office 2000 SP3: http://www.microsoft.com/downloads/details.aspx?FamilyId=E0C7E1E4-7859-4C7E-898E-1CF05014885B

Microsoft Office XP SP3: http://www.microsoft.com/downloads/details.aspx?FamilyId=958EE063-D88D-4E45-8555-4D1C4730F5C8

Microsoft Office 2003 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=0D399F68-EC0D-4768-9846-B16B3DADF247

Microsoft Project 2000 SR1: http://www.microsoft.com/downloads/details.aspx?FamilyId=266A9870-CD03-45CA-877B-B5AD2C873FE5

Microsoft Project 2002 SP1: http://www.microsoft.com/downloads/details.aspx?FamilyId=A77DEA18-D237-4BB0-9464-CE31B6AE52D6

Microsoft Visio 2002 SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=FD4B7660-0FC5-43E5-9683-B6DAE96136BB

Microsoft Office 2004 for Mac: http://www.microsoft.com/mac/

Microsoft Office v. X for Mac: http://www.microsoft.com/mac/

PROVIDED AND/OR DISCOVERED BY:
1) The vendor credits Dejun Meng, Fortinet.
2) The vendor credits Arnaud Dovi.
3) The vendor credits Sowhat, Nevis Labs.

ORIGINAL ADVISORY: MS06-062 (KB922581): http://www.microsoft.com/technet/security/Bulletin/MS06-062.mspx
 
 
Associated TopicsBugs and AlertsMicrosoft