Next Page >>
Office XP
following a link to a malicious Web page.
IV. DETECTION
iDefense has confirmed the existence of this vulnerability in Microsoft
Office XP Service Pack 3. Microsoft reports that the following products
are affected:
Microsoft Office XP Service Pack 3
Microsoft Office 2000 Web Components SP3
Microsoft Office XP Web Components SP3
context of the currently logged on user.
4. *Vulnerable packages*
. Microsoft Office XP Service Pack 3
. Microsoft Office 2004 for Mac
5. *Non-vulnerable packages*
version of Office.
IV. DETECTION
iDefense confirmed that the "BMPIMP32.FLT" module installed with
Microsoft Office XP SP3, including all patches as of May 24, 2006, is
vulnerable. Other versions may also be vulnerable.
This vulnerability does not affect Microsoft Office 2003 as this filter
is not installed or required.
no-reply@Aria-security.net wrote:
> Office XP Remote SQL Injection
> Vendor: vso-xp.com
VIRTUAL SUPPORT Office-XP. That's not quite "Office XP".
Verification........................................................10
======================================================================
1) Affected Software
* Microsoft Office XP SP3
* Microsoft Office 2003 SP3
* Microsoft Office 2007 SP2
* Microsoft Office 2010
NOTE: Other versions may also be affected.
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office XP Service Pack 3
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office XP Service Pack 3
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
Verification........................................................10
======================================================================
1) Affected Software
* Microsoft Office XP SP3
* Microsoft Office Converter Pack
NOTE: Other versions may also be affected.
======================================================================
Verification........................................................10
======================================================================
1) Affected Software
* Microsoft Office XP SP3
* Microsoft Office Converter Pack
NOTE: Other versions may also be affected.
======================================================================
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office 2004 for Mac
Microsoft Office XP Service Pack 3
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office 2004 for Mac
Microsoft Office XP Service Pack 3
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office 2004 for Mac
Microsoft Office XP Service Pack 3
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
iDefense has confirmed the existence of this vulnerability in Microsoft
Word 2003, Microsoft Word 2007, and Microsoft Outlook 2007. The
following Microsoft products are vulnerable:
* Microsoft Office XP SP 3
* Microsoft Office 2003 SP 3
* Microsoft Office 2007 SP 2
* Microsoft Office 2010 (32-bit editions)
* Microsoft Office 2010 (64-bit editions)
* Microsoft Office for Mac 2011
Verification........................................................10
======================================================================
1) Affected Software
* Microsoft Office XP SP3
* Microsoft Office Converter Pack
* Microsoft Works 9
NOTE: Other versions may also be affected.
---------------------------
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office 2003 Service Pack 3
Microsoft Office XP Service Pack 3
Open XML File Format Converter for Mac
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
Verification........................................................10
======================================================================
1) Affected Software
* Microsoft Office XP SP3
* Microsoft Office Converter Pack
* Microsoft Works 9
NOTE: Other versions may also be affected.
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office XP Service Pack 3
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
Verification........................................................10
======================================================================
1) Affected Software
* Microsoft Office XP
======================================================================
2) Severity
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office 2007 Service Pack 2
Microsoft Office XP Service Pack 3
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007
File Formats Service Pack 2
Microsoft Excel Viewer Service Pack 2
Verification........................................................10
======================================================================
1) Affected Software
* Microsoft Office XP SP3
* Microsoft Office Converter Pack
NOTE: Other versions may also be affected.
======================================================================
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office 2008 for Mac
Microsoft Office 2004 for Mac
Microsoft Office XP Service Pack 3
Open XML File Format Converter for Mac
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
. 2008-10-01: Core confirms the vendor that after private discussions
the advisory will be published in December 9th (second Tuesday of the
month).
. 2008-10-01: Vendor confirms that the release date of fixes is December
9th and supplies Core with a copy of their own security bulletin and a
copy of the Office XP update fixing the bug.
. 2008-10-20: Core confirms that it intends to publish the advisory
CORE-2008-0228 on December 9th as previously established.
. 2008-11-11: Vendor confirms it is still on track to publish this fix
for December 9th.
. 2008-11-11: Core informs the vendor that the patch was tested and
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office 2008 for Mac
Microsoft Office 2004 for Mac
Microsoft Office XP Service Pack 3
Open XML File Format Converter for Mac
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office 2004 for Mac
Microsoft Office 2003 Service Pack 3
Microsoft Office XP Service Pack 3
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office 2004 for Mac
Microsoft Office 2003 Service Pack 3
Microsoft Office XP Service Pack 3
Microsoft Word Viewer
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office 2008 for Mac
Microsoft Office 2004 for Mac
Microsoft Office XP Service Pack 3
Open XML File Format Converter for Mac
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
ZDI-11-121: Microsoft Office XP Data Validation Record Parsing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-121
April 12, 2011
-- CVE ID:
CVE-2011-0105
-- CVSS:
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office XP Service Pack 3
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office XP Service Pack 3
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
III. AFFECTED PRODUCTS
---------------------------
Microsoft Office 2004 for Mac
Microsoft Office XP Service Pack 3
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
Next Page>>
|
