Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Office / Word / Excel / Power Point multiple security vulnerabilities
updated since 12.08.2008
Published:13.08.2008
Source:
SecurityVulns ID:9216
Type:client
Threat Level:
8/10
Description:Multiple memory corruptions, protection bypass.
Affected:MICROSOFT : Office 2000
 MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2007
 MICROSOFT : Office SharePoint Server 2007
CVE:CVE-2008-3460 (WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, aka the "WPG Image File Heap Corruption Vulnerability.")
 CVE-2008-3021 (Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bits_per_pixel field, aka the "PICT Filter Parsing Vulnerability," a different vulnerability than CVE-2008-3018.)
 CVE-2008-3020 (Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability.")
 CVE-2008-3019 (Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of an Encapsulated PostScript (EPS) file, which allows remote attackers to execute arbitrary code via a crafted EPS file, aka the "Malformed EPS Filter Vulnerability.")
 CVE-2008-3018 (Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file, aka the "Malformed PICT Filter Vulnerability," a different vulnerability than CVE-2008-3021.)
 CVE-2008-3006 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office Excel Viewer; Office Compatibility Pack 2007 Gold and SP1; Office SharePoint Server 2007 Gold and SP1; and Office 2004 and 2008 for Mac do not properly parse Country record values when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the "Excel Record Parsing Vulnerability.")
 CVE-2008-3005 (Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted array index for a FORMAT record, aka the "Excel Index Array Vulnerability.")
 CVE-2008-3004 (Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; Office Excel Viewer 2003; and Office 2004 and 2008 for Mac do not properly validate index values for AxesSet records when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the "Excel Indexing Validation Vulnerability.")
 CVE-2008-3003 (Microsoft Office Excel 2007 Gold and SP1 does not properly delete the PWD (password) string from connections.xml when a .xlsx file is configured not to save the remote data session password, which allows local users to obtain sensitive information and obtain access to a remote data source, aka the "Excel Credential Caching Vulnerability.")
 CVE-2008-2244
Original documentdocumentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability (13.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability (13.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability (13.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability (13.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability (13.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability (13.08.2008)
 documentZDI, ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability (13.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-051 – Critical Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785) Microsoft Security Bulletin MS08-051 – Critical (12.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-044 – Critical Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090) (12.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-043 – Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066) (12.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-042 – Important Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048) (12.08.2008)
Files:Microsoft Security Bulletin MS08-044 – Critical Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090)
 Microsoft Security Bulletin MS08-051 – Critical Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785) Microsoft Security Bulletin MS08-051 – Critical
 Microsoft Security Bulletin MS08-042 – Important Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048)

Microsoft Windows color management system memory corruption
updated since 12.08.2008
Published:13.08.2008
Source:
SecurityVulns ID:9218
Type:library
Threat Level:
7/10
Description:Memory corruption on ICCM management.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2008-2245 (Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability (13.08.2008)
 documentZDI, ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption (13.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-046 – Critical Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954) (12.08.2008)
Files:Microsoft Security Bulletin MS08-046 – Critical Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod