[SA26145] Microsoft Excel rtWnDesk Record Memory Corruption Vulnerability

Les derniers commentaires publiés sur SecuObs (1-5):

- ESRT @securityninja - Burp Suite Tutorial - Repeater and Comparer Tool - ESRT @dinodaizovi - New metasploit blog post - analyzes the first public Perm - ESRT @iagox86 @hdmoore - Using Metasploit to Locate and Exploit the Energizer - ESRT @innismir - New Weblog Post -- Finding Malware on your network via cache - Sniffing with Wireshark as a Non-Root User Les derniers commentaires publiés sur SecuObs (6-25) Tous les commentaires publiés sur SecuObs avant les 5 derniers

[Message Precedent sur la mailing][Message Suivant sur la mailing][Precedent dans le fil][Prochain dans le fil][Index par Date][Index par fil] [SA26145] Microsoft Excel rtWnDesk Record Memory Corruption Vulnerability

BETA test the new Secunia Personal Software Inspector! The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date.

Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors.

Download the free PSI BETA from the Secunia website: link://[click]

TITLE: Microsoft Excel rtWnDesk Record Memory Corruption Vulnerability

SECUNIA ADVISORY ID: SA26145

VERIFY ADVISORY: link://[click]

CRITICAL: Highly critical

IMPACT: System access

WHERE: From remote SOFTWARE: Microsoft Excel 2000 link://[click] Microsoft Excel 2002 link://[click] Microsoft Excel 2003 link://[click] Microsoft Excel Viewer 2003 link://[click] Microsoft Office 2000 link://[click] Microsoft Office XP link://[click] Microsoft Office 2004 for Mac link://[click] Microsoft Office 2003 Small Business Edition link://[click] Microsoft Office 2003 Standard Edition link://[click] Microsoft Office 2003 Student and Teacher Edition link://[click] Microsoft Office 2003 Professional Edition link://[click]

DESCRIPTION: Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error when validating an index value in the rtWnDesk record and can be exploited to corrupt memory via a specially crafted Excel Workspace (XLW) file.

Successful exploitation may allow execution of arbitrary code.

Other unspecified security issues discovered internally by Microsoft have also been reported.

SOLUTION: Apply patches.

Microsoft Office 2000 SP3: link://[click] Microsoft Office XP SP3: link://[click] Microsoft Office 2003 SP2: link://[click] Microsoft Excel Viewer 2003: link://[click] Microsoft Office 2004 for Mac: link://[click] PROVIDED AND/OR DISCOVERED BY: Dyon Balding, Secunia Research.

ORIGINAL ADVISORY: MS07-044 (KB940965): link://[click]

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: link://[click]

Definitions: (Criticality, Where etc.) link://[click]

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link.

Secunia NEVER sends attached files with advisories.

Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Precedent par Date: [SA26442] Infrant ReadyNAS Devices SSH Default Root Password Weakness
Suivant par Date: [SA26433] Windows Media Player Skin Handling Code Execution Vulnerabilities
Precedent par fil : [SA26442] Infrant ReadyNAS Devices SSH Default Root Password Weakness
Suivant par fil : [SA26433] Windows Media Player Skin Handling Code Execution Vulnerabilities
Index(s):
- Date
- Fil

Archives de la liste de diffusion Secunia
Archives de la liste de diffusion BugTraq
Archives de la liste de diffusion DailyDave
Archives de la liste de diffusion FunSec
Archives de la liste de diffusion Full Disclosure
Archives de la liste de diffusion Focus-IDS (FD)
Archives de la liste de diffusion Webappsec (FD)
Archives de la liste de diffusion Security-basics (FD)
Archives de la liste de diffusion Vulndiscuss
Archives de la liste de diffusion Vulnwatch

Les derniers commentaires publiés sur SecuObs (6-25):

- Focus on MacNikto v1.1.1 - New Google Chrome v4.1.249.1036 released, fixes multiple security vulnerabili - ESRT @opexxx @synopsi - Remote stack overflows - ESRT @postmodern_mod3 @tmm1 - memprof now displays stack frames and threads - ESRT @_MDL_ @gollmann - Locking botnet agents to specific victim systems in o - CsFire 0.4.1 autonomously protects against dangerous or malicious cross-domai - Seccubus v1.4.1 - Nessus 4.2 compatibility release - ESRT @JGamblin @threatpost - Hackers say they will definitely break into an A - ESRT @hdmoore @iagox86 - Weaponizing dnscat - first version of dnscat shellco - iWep PRO 1.1.3 Released - FireCAT v1.6.2 updated with Framework Detector - ESRT @opexxx - FireCAT v1.6.2 updated with BackendInfo - sipwitch 0.7.4 - Oracle XDB FTP service UNLOCK buffer overflow exploit that spawns a reverse s - XSSploit XSS scanner multiplatfom v0.5 available - Network forensics in IRB xtractr Ruby gem - GreenPois0n Possible Jailbreak Software for iPad OS 32 - Blazing fast password recovery with new ATI cards - ESRT @wireheadlance - How to secure a Cisco router - Device Fingerprinting to Fight Real-time Transaction Fraud Les cinq derniers commentaires publiés sur SecuObs Tous les commentaires publiés sur SecuObs avant les 25 derniers

SecuToolBox :

Bluetooth Stack Smasher v0.6 / Bluetooth Stack Smasher v0.8 / Slides Bluetooth Eurosec 2006 / Exposé vidéo Windows Shellcode - Kostya Kortchinsky / Exposé audio Reverse Engineering - Nicolas Brulez / Exposé vidéo Securitech - Pierre Betouin / WEP aircrack + Ubiquiti (MadWifi) 300 mW + Yagi / Secure WIFI WPA + EAP-TLS + Freeradius / Audit Windows / Captive Password Windows / USBDumper / USBDumper 2 / Hacking Hardware / WishMaster backdoor / DNS Auditing Tool / Ettercap SSL MITM / Exploit vulnérabilités Windows / Memory Dumper Kernel Hardening / Reverse Engineering / Scapy / SecUbuLIVE CD / Metasploit / eEye Blink Sec Center / eEye Retina Scanner + d'outils / + de tutoriels

Mini-Tagwall des articles publiés sur SecuObs :

sécurité, exploit, windows, microsoft, réseau, attaque, outil, vulnérabilité, audit, système, virus, internet, données, présentation, metasploit, linux, bluetooth, protocol, vista, scanner, réseaux, shell, engineering, rootkit, paquet, conférence, trames, wishmaster, téléphone, source, sysun, noyau, mobile, https, mémoire, rapport, botnet, téléphones, libre, reverse, navigateur, patch, snort, scapy, intel + de mots clés avec l'annuaire des articles publiés sur SecuObs

Archives Failles Secunia :

- SA38969 OSSIM Multiple Vulnerabilities - SA38861 TR-069 Remote Management SQL Injection Vulnerability - SA38955 MaxDB Handshake Packet Buffer Overflow Vulnerability - SA38922 Ubuntu update for linux and linux-source-2.6.15 - SA38967 PhpKobo Real Estate Contact Form LANG_CODE Local File Inclusion + d'archives failles avec Secunia et SecuMail

Archives Mailing Full Disclosure :

- Full-disclosure Claude Mercier/CLSC-CHSLD BVLV/Reg03/SSSS est absent(e). - Re: Full-disclosure Fingerprinting Paper with Laser - Re: Full-disclosure Fingerprinting Paper with Laser - Full-disclosure AboCMS SQL injection (abocms.ru) - Full-disclosure SECURITY DSA-2018-1 New php5 packages fix null pointer dereference + d'archives Full Disclosure avec SecuMail

Archives Mailing Bugtraq :

- Sahana 0.6.2.2 Authentication Bypass - Secunia Research: Quicksilver Forums Cross-Site Request Forgery Vulnerability - Secunia Research: Quicksilver Forums Backup Information Disclosure - Secunia Research: Quicksilver Forums mysqldump Password Disclosure - Miranda IM silent TLS failure - Vulnerabilities in VXDate for Joomla + d'archives Bugtraq avec SecuMail

Mini-Tagwall de l'annuaire video :

vmware, security, virus, biometric, windows, lockpicking, password, botnet, metasploit, tutorial, attack, crypt, linux, network, iphone, server, exploit, wimax, conficker, virtu, virtual, engineering, cisco, reverse, shmoocon, wireshark, ettercap, hacker, firewall, internet, knoppix, rootkit, arduino, wireless, source, conference, backtrack, openbsd, brucon, systm, overflow, openssh, access, buffer, remote + de mots clés avec l'annuaire des videos

Mini-Tagwall des articles de la revue de presse :

security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité + de mots clés avec l'annuaire de la revue de presse

Mini-Tagwall des Tweets de la revue Twitter :

security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack + de mots clés avec l'annuaire de la revue Twitter