|
 |
|
Microsoft XML Core Services "substringData()" Integer Overflow
|
|
|
|
|
Secunia Advisory:
|
SA26447
|
|
|
Release Date:
|
2007-08-14
|
|
Last Update:
|
2008-01-10
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Microsoft Core XML Services (MSXML) 6.x
Microsoft Expression Web 1.x
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2007
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
Microsoft Office Groove Server 2007
Microsoft Office SharePoint Server 2007
Microsoft Word Viewer 2003
Microsoft XML Core Services (MSXML) 4.x
Microsoft XML Core Services 3.x
|
| | CVE reference: | CVE-2007-2223 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
A vulnerability has been reported in Microsoft XML Core Services, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an integer overflow error in the "substringData()" method of an XMLDOM/TextNode JavaScript object. This can be exploited to cause a heap-based buffer overflow via specially-crafted arguments passed to the affected method.
Successful exploitation may allow execution of arbitrary code when a user e.g. visits a malicious website.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.
Solution:
Apply patches.
Microsoft XML Core Services 3.0 for Windows 2000 SP4:
http://www.microsoft.com/downloads/de...=245214ea-76f9-4755-8a14-a74232e20c1c
Microsoft XML Core Services 4.0 for Windows 2000 SP4:
http://www.microsoft.com/downloads/de...=021E12F5-CB46-43DF-A2B8-185639BA2807
Microsoft XML Core Services 6.0 for Windows 2000 SP4:
http://www.microsoft.com/downloads/de...=70C92E77-9E5A-41B1-A9D2-64443913C976
Microsoft XML Core Services 3.0 for Windows XP SP2:
http://www.microsoft.com/downloads/de...=dea6a48f-fb00-43f3-a374-3220f9759c2d
Microsoft XML Core Services 3.0 for Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/de...=b8862ca9-1203-4056-a257-29271838ac0d
Microsoft XML Core Services 4.0 for Windows XP SP2
http://www.microsoft.com/downloads/de...=021E12F5-CB46-43DF-A2B8-185639BA2807
Microsoft XML Core Services 4.0 for Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/de...=021E12F5-CB46-43DF-A2B8-185639BA2807
Microsoft XML Core Services 6.0 for Windows XP SP2
http://www.microsoft.com/downloads/de...=70C92E77-9E5A-41B1-A9D2-64443913C976
Microsoft XML Core Services 6.0 for Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/de...=70C92E77-9E5A-41B1-A9D2-64443913C976
Microsoft XML Core Services 3.0 for Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/de...=12618ad0-aefd-4c9a-a769-4b14a7603d6e
Microsoft XML Core Services 3.0 for Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/de...=61bf00a9-aeea-431a-86d3-526a4a373bb7
Microsoft XML Core Services 3.0 for Windows Server 2003 for Itanium-based systems SP1/SP2:
http://www.microsoft.com/downloads/de...=b0285dd7-bf66-4226-9948-26e8aae99046
Microsoft XML Core Services 4.0 for Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/de...=021E12F5-CB46-43DF-A2B8-185639BA2807
Microsoft XML Core Services 4.0 for Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/de...=021E12F5-CB46-43DF-A2B8-185639BA2807
Microsoft XML Core Services 4.0 for Windows Server 2003 for Itanium-based systems SP1/SP2:
http://www.microsoft.com/downloads/de...=021E12F5-CB46-43DF-A2B8-185639BA2807
Microsoft XML Core Services 6.0 for Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/de...=70C92E77-9E5A-41B1-A9D2-64443913C976
Microsoft XML Core Services 6.0 for Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/de...=70C92E77-9E5A-41B1-A9D2-64443913C976
Microsoft XML Core Services 6.0 for Windows Server 2003 for Itanium-based systems SP1/SP2:
http://www.microsoft.com/downloads/de...=70C92E77-9E5A-41B1-A9D2-64443913C976
Microsoft XML Core Services 3.0 for Windows Vista:
http://www.microsoft.com/downloads/de...=c734d7de-5d87-4904-81c3-714db2cb8b0d
Microsoft XML Core Services 3.0 for Windows Vista x64 Edition:
http://www.microsoft.com/downloads/de...=0a465d77-a737-4d26-82a1-570f9c788a8a
Microsoft XML Core Services 4.0 for Windows Vista:
http://www.microsoft.com/downloads/de...=021E12F5-CB46-43DF-A2B8-185639BA2807
Microsoft XML Core Services 4.0 for Windows Vista x64 Edition:
http://www.microsoft.com/downloads/de...=021E12F5-CB46-43DF-A2B8-185639BA2807
Microsoft XML Core Services 6.0 for Windows Vista:
http://www.microsoft.com/downloads/de...=14270529-3ae5-43bf-a471-722ab010d81e
Microsoft XML Core Services 6.0 for Windows Vista x64 Edition:
http://www.microsoft.com/downloads/de...=928da3d2-b0b9-447a-b37a-4350497fe563
Microsoft XML Core Services 5.0 in Microsoft Office 2003 Service Pack 2:
http://www.microsoft.com/downloads/de...=A339CB7B-E08A-47F8-AC0B-DF449191424A
Microsoft XML Core Services 5.0 in 2007 Microsoft Office System:
http://www.microsoft.com/downloads/de...=7A97478A-832C-4A6B-B074-0E18B1E4ED33
Microsoft XML Core Services 5.0 in Microsoft Office SharePoint Server:
http://www.microsoft.com/downloads/de...=E875613B-2F32-4F28-A635-664A25C95C18
Microsoft XML Core Services 5.0 in Microsoft Office Groove Server 2007:
http://www.microsoft.com/downloads/de...=E875613B-2F32-4F28-A635-664A25C95C18
Microsoft XML Core Services 5.0 in Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats:
http://www.microsoft.com/downloads/de...=7A97478A-832C-4A6B-B074-0E18B1E4ED33
Microsoft XML Core Services 5.0 in Microsoft Expression Web:
http://www.microsoft.com/downloads/de...=7A97478A-832C-4A6B-B074-0E18B1E4ED33
Microsoft XML Core Services 5.0 in Microsoft Word Viewer 2003:
http://www.microsoft.com/downloads/de...=A339CB7B-E08A-47F8-AC0B-DF449191424A
Provided and/or discovered by:
Independently discovered by:
* An anonymous researcher, reported via iDefense Labs
* An anonymous researcher, reported via ZDI
Changelog:
2007-08-15: Added links to US-CERT and ZDI.
2007-08-16: Updated advisory and added additional link to iDefense Labs.
2007-09-28: Added "Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats" and "Microsoft Expression Web" to the list of affected products. Updated "Solution" section.
2008-01-10: Added "Microsoft Word Viewer 2003" in list of affected products. Updated "Solution" section.
Original Advisory:
MS07-042 (KB936227):
http://www.microsoft.com/technet/security/Bulletin/MS07-042.mspx
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-07-048.html
iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=576
Other References:
US-CERT VU#361968:
http://www.kb.cert.org/vuls/id/361968
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
50 Related Secunia Security Advisories, displaying 10
|
|
|
1. Microsoft Visio Two File Processing Vulnerabilities
|
|
2. Microsoft Office Two Code Execution Vulnerabilities
|
|
3. Microsoft Outlook "mailto:" URI Handling Vulnerability
|
|
4. Microsoft Office Object Parsing Memory Corruption Vulnerability
|
|
5. Microsoft Office Publisher File Parsing Vulnerabilities
|
|
6. Microsoft Works File Converter File Parsing Vulnerabilities
|
|
7. Microsoft Word File Information Block Memory Corruption
|
|
8. Microsoft Excel Multiple Code Execution Vulnerabilities
|
|
9. Microsoft Windows SharePoint Services / Office SharePoint Server Cross-Site Scripting
|
|
10. Microsoft Excel rtWnDesk Record Memory Corruption Vulnerability
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
