Vulnerabilities specific to Microsoft Works Spreadsheet 8.0 allows remote attackers to create a denial of service (crash) via a specially crafted Excel file. There are two specific vulnerabilities, and each involve memory corruption and NULL pointer dereference errors when processing malformed WKS or XLR files. Successful execution, however, requires users to open a malicious file.
Additional Resources:
- French Security Incident Response Team: ADV-2006-2813
- National Institute of Standards and Technology: CVE-2006-3653 and CVE-2006-3654
There's a buffer overflow within the Microsoft Hyperlink Object Library (hlink.dll) that allows a remote attacker to cause a denial of service attack and then possibly execute arbitrary code on the compromised PC. This is done via a long hyperlink, as demonstrated when using an Excel worksheet with a long HTML link in Unicode.
Although this sounds similar, this vulnerability is a different from the Unspecified vulnerability in Microsoft Excel, or CVE-2006-3059. This flaw was patched in Microsoft Security Bulletin MS06-050.
Additional Resources:
- Vendor Patch Information: MS06-050
- NIST CVE #: CVE-2006-3086
- US-CERT Vulnerability #: VU39444
- Secunia advisory #: 20748
There is an unspecified vulnerability within Microsoft Office PowerPoint 2000. To become infected, however, a user must open a specially crafted PowerPoint file (PPT). To guard against infection, open suspect files in the free Microsoft PowerPoint Viewer 2003 instead. Malware such as Exploit:Win32/Controlppt.W, Exploit:Win32/Controlppt.X, and Exploit-PPT.d/Trojan.PPDropper.F take advantage of this PowerPoint flaw.
Additional resources:
There's an unspecified new vulnerability affecting Word 2000 documents running on Windows 2000 systems. Although it's been exploited in the wild, security vendors are downplaying the threat as it is hard to execute on a victim's machine. Nonetheless, Microsoft has issued a Security Advisory for the vulnerablity which allows remote user-assisted attackers to execute arbitrary code on a compromised machine. Various security have identified the Trojans used in such attacks with names including Trojan.Mdropper.Q, Mofei, and Femo.
Additional Resources:
- Microsoft info: Security Advisory
- NIST.gov: CVE-2006-4534
- FrSIRT: ADV-2006-3448
- News.com: Word flaw hit with zero-day attack
- Secunia advisory #: 21735
This vulnerability creates a denial of service (crash) within Microsoft Internet Explorer 6 after a victim has been tricked into visiting a malicious Web page. Using the DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property, an error is generated.
Additional Resources:
- French Security Incident Response Team: ADV-2006-2832
- BrowserFun: #17
- National Institute of Standards and Technology: CVE-2006-3657
Malicious attackers may use specially created PowerPoint files to crash a victim's computer. There are actually three separate vulnerabilities that occur when the application uses data taken directly from a PowerPoint presentation file as a pointer when saving or closing a malformed presentation. A malicious attacker can exploit this to corrupt memory and manipulate the program flow, and could allow a remote attacker access to a compromised system.
Additional Resources:
- French Security Incident Response Team: ADV-2006-2815
- National Institute of Standards and Technology: CVE-2006-3660
- National Institute of Standards and Technology: CVE-2006-3656
- National Institute of Standards and Technology: CVE-2006-3655
- Secunia advisory #: 21061
- prev
- 1
- next
