Windows Vector Markup Language Buffer Overflow Lets Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1017489 |
|
SecurityTracker URL: http://securitytracker.com/id/1017489
|
|
CVE Reference:
CVE-2007-0024
(Links to External Site)
|
Date: Jan 9 2007
|
Impact:
Execution of arbitrary code via network, User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 2000 SP4, XP SP2, 2003 SP1; and prior service packs
|
Description:
A vulnerability was reported in the Windows Vector Markup Language (VML) implementation. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create a specially crafted HTML e-mail or web page that, when loaded by the target user, will trigger a buffer overflow and execute arbitrary code on the target user's system. The code will run with the privileges of the target user.
Windows Vista is not affected.
This vulnerability is being actively exploited.
Microsoft indicates that this vulnerability has already been publicly disclosed.
Microsoft credits Jospeh Moti and iDefense with originally reporting this vulnerability.
|
Impact:
A remote user can create HTML that, when processed by the target user, will execute arbitrary code on the target user's system.
|
Solution:
The vendor has issued the following fixes:
Microsoft Windows XP Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=81FB6A72-AC8A-4B28-905F-A44691D69432
Microsoft Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=D06FD167-4F3E-4A2C-B52C-7426DDAD6828
Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4FEE481F-DACE-4EAC-9AFE-BC28ADD70CC5
Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?FamilyId=C517FB85-128E-43DB-A659-38AF32283716
Microsoft Windows Server 2003 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=FF4A1F24-C1E9-4223-965B-14C4793AAF96
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=B1C7F765-772C-4EEB-9438-BC820CB929E1
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=922A3569-85D1-4584-9B84-4AA7304C69BB
Internet Explorer 7 on Microsoft Windows XP Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=55A0A6EC-FEFA-40BB-BB6B-3AAB50275A73
Internet Explorer 7 on Microsoft Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=B5A8B1F2-6AF0-4F03-989C-C8DE2EACE71D
Internet Explorer 7 on Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=08E5CD2E-55C0-4AC9-859F-1B24497B31CE
Internet Explorer 7 on Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?FamilyId=48B4D271-D494-4A5C-ABA8-11B3B4584902
Internet Explorer 7 on Microsoft Windows Server 2003 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=F9C3E0DE-DB66-4D83-829F-C93052BDB1FA
A restart is required.
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms07-004.mspx
|
Vendor URL: www.microsoft.com/technet/security/bulletin/ms07-004.mspx (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 9 Jan 2007 13:28:39 -0500
Subject: Microsoft Security Bulletin MS07-004: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969)
|
http://www.microsoft.com/technet/security/bulletin/ms07-004.mspx
CVE-2007-0024
|
|
