Windows Vector Markup Language Buffer Overflow Lets Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1017489
|
|
SecurityTracker URL: http://securitytracker.com/id?1017489
|
|
CVE Reference: CVE-2007-0024
(Links to External Site)
|
Date: Jan 9 2007
|
Impact: Execution of arbitrary code via network, User access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Advisory: Microsoft Security Bulletin
|
Version(s): 2000 SP4, XP SP2, 2003 SP1; and prior service packs
|
Description: A vulnerability was reported in the Windows Vector Markup Language (VML) implementation. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create a specially crafted HTML e-mail or web page that, when loaded by the target user, will trigger a buffer
overflow and execute arbitrary code on the target user's system. The code will run with the privileges of the target user.
Windows
Vista is not affected.
This vulnerability is being actively exploited.
Microsoft indicates that this vulnerability has already
been publicly disclosed.
Microsoft credits Jospeh Moti and iDefense with originally reporting this vulnerability.
|
Impact: A remote user can create HTML that, when processed by the target user, will execute arbitrary code on the target user's system.
|
Solution: The vendor has issued the following fixes:
Microsoft Windows XP Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=81FB6A72-AC8A-4B28-905F-A446
91D69432
Microsoft Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=D06FD167-4F3E-4A2C-B52C-7426DDAD6828
Microsoft
Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4FEE481F-DACE-4EAC-9AFE-BC28ADD70CC5
Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems:
http://www.microsoft.com/downloads/detail
s.aspx?FamilyId=C517FB85-128E-43DB-A659-38AF32283716
Microsoft Windows Server 2003 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=FF4A1F24-C1
E9-4223-965B-14C4793AAF96
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=B
1C7F765-772C-4EEB-9438-BC820CB929E1
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?Fam
ilyId=922A3569-85D1-4584-9B84-4AA7304C69BB
Internet Explorer 7 on Microsoft Windows XP Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=55A0
A6EC-FEFA-40BB-BB6B-3AAB50275A73
Internet Explorer 7 on Microsoft Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=B5A8
B1F2-6AF0-4F03-989C-C8DE2EACE71D
Internet Explorer 7 on Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service
Pack 1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=08E5CD2E-55C0-4AC9-859F-1B24497B31CE
Internet Explorer 7
on Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems:
http://www.microsoft.com/downloads/det
ails.aspx?FamilyId=48B4D271-D494-4A5C-ABA8-11B3B4584902
Internet Explorer 7 on Microsoft Windows Server 2003 x64 Edition:
http://www.microsoft.com/downloads/details
.aspx?FamilyId=F9C3E0DE-DB66-4D83-829F-C93052BDB1FA
A restart is required.
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bull
etin/ms07-004.mspx
|
Vendor URL: www.microsoft.com/technet/security/bulletin/ms07-004.mspx (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Windows (2000), Windows (2003), Windows (XP)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 9 Jan 2007 13:28:39 -0500
Subject: Microsoft Security Bulletin MS07-004: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969)
|
http://www.microsoft.com/technet/security/bulletin/ms07-004.mspx
CVE-2007-0024
|
|
