PCWorks: Microsoft Visual Basic (for Office, Works Suite, Access, VB, Visio) Applications Buffer Ove

Thread: PCWorks: Microsoft Visual Basic (for Office, Works Suite, Access, VB, Visio) Applications Buffer Ove

Search this list only Search all lists
PCWorks: Microsoft Visual Basic (for Office, Works Suite, Access, VB, Visio) Applications Buffer Ove
	2006-08-09 08:53:28
TITLE: Microsoft Visual Basic for Applications Buffer Overflow SECUNIA ADVISORY ID: SA21408 VERIFY ADVISORY: http://secunia.c om/advisories/21408/ CRITICAL: Extremely critical IMPACT: System access WHERE: From remote SOFTWARE: Microsoft Works Suite 2006 http://secunia.com/p roduct/8712/ Microsoft Works Suite 2005 http://secunia.com/p roduct/8711/ Microsoft Works Suite 2004 http://secunia.com/p roduct/3897/ Microsoft Visual Basic for Applications SDK 6.x http://secunia.com/p roduct/2148/ Microsoft Visio 2002 http://secunia.com/p roduct/1091/ Microsoft Project 2002 http://secunia.com/pr oduct/157/ Microsoft Project 2000 http://secunia.com/pr oduct/158/ Microsoft Office XP http://secunia.com/pro duct/23/ Microsoft Office 2000 http://secunia.com/pro duct/24/ Microsoft Access 2000 http://secunia.com/pro duct/36/ DESCRIPTION: A vulnerability has been reported in Microsoft Visual Basic for Applications, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the way document properties are passed from a host application when opening a document and can be exploited to cause a buffer overflow. Successful exploitation allows execution of arbitrary code when a user e.g. opens a specially crafted Office document or visits a malicious website. NOTE: According to the vendor, the vulnerability is being actively exploited in the wild. SOLUTION: Apply patches. Microsoft Office 2000 SP3: http://www.microsof t.com/downloads/details.aspx?FamilyId=837A4FA9-FABC-4119-9AA F-2C8663029D2B Microsoft Project 2000 SR1: http://www.microsof t.com/downloads/details.aspx?FamilyId=744DD25D-B9A7-4E30-B64 E-1C9BB0F87D90 Microsoft Access 2000 Runtime SP3: http://www.microsof t.com/downloads/details.aspx?FamilyId=ED5A8C40-C592-4299-AFB 2-5F0F6E2B1DCD Microsoft Office XP SP3: http://www.microsof t.com/downloads/details.aspx?FamilyId=B26ADC3C-1DB8-46FD-838 1-B199EE351E7C Microsoft Project 2002 SP1: http://www.microsof t.com/downloads/details.aspx?FamilyId=62EF50AA-6061-4185-971 3-F8C31B195103 Microsoft Visio 2002 SP2: http://www.microsof t.com/downloads/details.aspx?FamilyId=43525B6A-58B7-49C7-88D 8-4983D1614A96 Microsoft Works Suite 2004: http://www.microsof t.com/downloads/details.aspx?FamilyId=B26ADC3C-1DB8-46FD-838 1-B199EE351E7C Microsoft Works Suite 2005: http://www.microsof t.com/downloads/details.aspx?FamilyId=B26ADC3C-1DB8-46FD-838 1-B199EE351E7C Microsoft Works Suite 2006: http://www.microsof t.com/downloads/details.aspx?FamilyId=B26ADC3C-1DB8-46FD-838 1-B199EE351E7C Microsoft Visual Basic for Applications SDK 6.0: http://www.microsof t.com/downloads/details.aspx?FamilyId=424DF92A-3CC4-4B72-B2F 8-D45ED2A8F4B3 Microsoft Visual Basic for Applications SDK 6.2: http://www.microsof t.com/downloads/details.aspx?FamilyId=424DF92A-3CC4-4B72-B2F 8-D45ED2A8F4B3 Microsoft Visual Basic for Applications SDK 6.3: http://www.microsof t.com/downloads/details.aspx?FamilyId=424DF92A-3CC4-4B72-B2F 8-D45ED2A8F4B3 Microsoft Visual Basic for Applications SDK 6.4: http://www.microsof t.com/downloads/details.aspx?FamilyId=424DF92A-3CC4-4B72-B2F 8-D45ED2A8F4B3 ORIGINAL ADVISORY: MS06-047 (KB921645): http://www.microsoft.com/technet/security/Bullet in/MS06-047.mspx ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/r ules.htm Contact list owner <owner-pcworksimagicomm.com> Unsubscribing and other changes: http://pcworkers.com =====================================================

[1]

about | contact Other archives ( Real Estate discussion Medical topics )