SANS ISC InfoSec Handlers Diary Blog



MS06-048: Microsoft Office Remote Code Execution Vulnerabilities

Published: 2006-08-08
Last Updated: 2006-08-08 19:27:35 UTC
by Scott Fendley (Version: 1)
Vulnerabilities in Microsoft Office Allow Remote Code Execution
MS06-048 - KB922968  (CVE-2006-3590 CVE-2006-3449)

Severity: Critical for PowerPoint 2000, and Important for all others.
Replaces: MS06-038 for PowerPoint 2000, XP, 2003, 2004 for Mac and v.X for Mac
Affected Software:
       Microsoft Office 2000 SP3
       Microsoft Office XP SP3
       Microsoft Office 2003 SP1 or SP2
       Microsoft Office 2004 for Mac
       Microsoft Office v.X for Mac

Description:

This update addresses 2 different remote code execution vulnerabilities that exist in Microsoft Office. These vulnerabilities specifically affect PowerPoint, though the binary is shared by several Office products. To exploit either vulnerability, an attacker must get a specially crafted PowerPoint file to an end user via email, a website or a similar mechanism. The end user would then have to open the file with a vulnerable product.

An attacker who successfully exploited the vulnerabilities could take complete control of an affected system. Users running with limited access would be less impacted.

One of the 2 vulnerabilities has been publicly disclosed and is being actively exploited, so it is recommended that this patch be applied immediately.


--
Scott Fendley   ( sfendley -at- isc. sans. org)
University of Arkansas