Buffer Overflow di Microsoft Office su documenti RTF

Microsoft Office RTF File Stack Buffer Overflow Vulnerability

Microsoft Office is prone to a remote stack-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue by enticing a victim to open a malicious RTF file or view an email in RTF format.
Successfully exploiting this issue would allow the attacker to corrupt memory and execute arbitrary code in the context of the currently logged-in user.

Failed exploit attempts will result in a denial-of-service condition.

(Microsoft Office è soggetto a uno stack-based buffer overflow remoto poiché il software non riesce a eseguire adeguati controlli sui dati forniti.
Un utente malintenzionato può sfruttare questo problema inducendo la vittima ad aprire un file RTF dannoso, o aprire una e-mail in formato RTF.
Sfruttando quanto detto con successo, sarebbe permesso all’attaccante di corrompere la memoria ed eseguire codice arbitrario nel contesto dell’utente attualmente connesso.

Tentativi di exploit falliti si tradurranno in un Denial-of-Service.)

 

La vulnerabilità è applicata a:

Microsoft Open XML File Format Converter for Mac 0 Microsoft Office XP SP3
+ Microsoft Excel 2002 SP3
+ Microsoft Excel 2002 SP3
+ Microsoft FrontPage 2002 SP3
+ Microsoft FrontPage 2002 SP3
+ Microsoft Outlook 2002 SP3
+ Microsoft Outlook 2002 SP3
+ Microsoft PowerPoint 2002 SP3
+ Microsoft PowerPoint 2002 SP3
+ Microsoft Publisher 2002 SP3
+ Microsoft Publisher 2002 SP3

Microsoft Office XP SP2
– Microsoft Windows 2000 Professional SP3
– Microsoft Windows 2000 Professional SP2
– Microsoft Windows 2000 Professional SP1
– Microsoft Windows 2000 Professional
– Microsoft Windows 98
– Microsoft Windows 98SE
– Microsoft Windows ME
– Microsoft Windows NT Workstation 4.0 SP6a
– Microsoft Windows NT Workstation 4.0 SP6
– Microsoft Windows NT Workstation 4.0 SP5
– Microsoft Windows NT Workstation 4.0 SP4
– Microsoft Windows NT Workstation 4.0 SP3
– Microsoft Windows NT Workstation 4.0 SP2
– Microsoft Windows NT Workstation 4.0 SP1
– Microsoft Windows NT Workstation 4.0
– Microsoft Windows XP Home SP1
– Microsoft Windows XP Home
– Microsoft Windows XP Professional SP1
– Microsoft Windows XP Professional

Microsoft Office XP SP1
– Microsoft Windows 2000 Professional SP2
– Microsoft Windows 2000 Professional SP1
– Microsoft Windows 2000 Professional
– Microsoft Windows 98
– Microsoft Windows ME
– Microsoft Windows NT Workstation 4.0 SP6a
– Microsoft Windows NT Workstation 4.0 SP6
– Microsoft Windows NT Workstation 4.0 SP5
– Microsoft Windows NT Workstation 4.0 SP4
– Microsoft Windows NT Workstation 4.0 SP3
– Microsoft Windows NT Workstation 4.0 SP2
– Microsoft Windows NT Workstation 4.0 SP1
– Microsoft Windows NT Workstation 4.0
– Microsoft Windows XP Home
– Microsoft Windows XP Professional

Microsoft Office XP
– Microsoft Windows 2000 Professional SP2
– Microsoft Windows 2000 Professional SP1
– Microsoft Windows 2000 Professional
– Microsoft Windows 98
– Microsoft Windows ME
– Microsoft Windows NT Workstation 4.0 SP6a
– Microsoft Windows NT Workstation 4.0 SP6
– Microsoft Windows NT Workstation 4.0 SP5
– Microsoft Windows NT Workstation 4.0 SP4
– Microsoft Windows NT Workstation 4.0 SP3
– Microsoft Windows NT Workstation 4.0 SP2
– Microsoft Windows NT Workstation 4.0 SP1
– Microsoft Windows NT Workstation 4.0
– Microsoft Windows XP Home
– Microsoft Windows XP Professional

Microsoft Office 2011 for Mac

Microsoft Office 2010 (64-bit edition)

Microsoft Office 2010 (32-bit edition)

Microsoft Office 2010

Microsoft Office 2008 for Mac

Microsoft Office 2007 SP2

Microsoft Office 2007 SP1

Microsoft Office 2007
+ Microsoft Access 2003
+ Microsoft Access 2007
+ Microsoft Excel 2003
+ Microsoft Excel 2007
+ Microsoft Excel 2007
+ Microsoft FrontPage 2003
+ Microsoft Groove 2007
+ Microsoft Groove 2007
+ Microsoft InfoPath 2003
+ Microsoft InfoPath 2007
+ Microsoft InfoPath 2007
+ Microsoft Office Communicator 2007
+ Microsoft OneNote 2003
+ Microsoft Outlook 2003
+ Microsoft Outlook 2007
+ Microsoft Outlook 2007
+ Microsoft PowerPoint 2003
+ Microsoft PowerPoint 2007
+ Microsoft PowerPoint 2007
+ Microsoft Project Professional 2007
+ Microsoft Project Standard 2007
+ Microsoft Publisher 2003
+ Microsoft Publisher 2007
+ Microsoft SharePoint Designer 2007
+ Microsoft Visio Professional 2007
+ Microsoft Visio Professional 2007
+ Microsoft Visio Standard 2007

Microsoft Office 2004 for Mac
Microsoft Office 2003 SP2
Microsoft Office 2003 SP1

Microsoft Office 2003
+ Microsoft Excel 2003
+ Microsoft FrontPage 2003
+ Microsoft InfoPath 2003
+ Microsoft OneNote 2003
+ Microsoft Outlook 2003
+ Microsoft PowerPoint 2003
+ Microsoft Publisher 2003

Codice della vulnerabilità:

http://www.securityfocus.com/data/vulnerabilities/exploits/44652.rb

Microsoft ha fornito le seguenti soluzioni:


Microsoft Office 2008 for Mac

Microsoft Office2008-1228UpdateEN.dmg

Microsoft Office XP SP3

Microsoft officexp-KB2289169-FullFile-ENU.exe

Microsoft Office 2007 SP2

Microsoft Office2007-kb2289158-fullfile-x86-glb.exe

Microsoft Office 2010 (64-bit edition)

Microsoft Office2010-kb2289161-fullfile-x64-glb.exe

Microsoft Office 2011 for Mac

Microsoft Office2011-1401UpdateEN.dmg

Microsoft Office 2010 (32-bit edition)

Riferimenti:

Ovviamente il consiglio da seguire, oltre quello di aprire con cautela eventuali file .RTF soprattutto se spediti via e-mail, è di aggiornare al più presto Office con l’update adatto alla versione utilizzata.

Informazioni su Totocellux


Lascia un commento

Inserisci i tuoi dati qui sotto o clicca su un'icona per effettuare l'accesso:

Logo WordPress.com

Stai commentando usando il tuo account WordPress.com. Chiudi sessione / Modifica )

Foto Twitter

Stai commentando usando il tuo account Twitter. Chiudi sessione / Modifica )

Foto di Facebook

Stai commentando usando il tuo account Facebook. Chiudi sessione / Modifica )

Google+ photo

Stai commentando usando il tuo account Google+. Chiudi sessione / Modifica )

Connessione a %s...

%d blogger cliccano Mi Piace per questo: