NSC-060314: Microsoft Office and Excel Vulnerabilities
National Cyber Alert System
Technical Cyber Security Alert TA06-073A
Microsoft Office and Excel Vulnerabilities
Original release date: March 14, 2006
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Office for Windows and Mac OS X
* Microsoft Excel for Windows and Mac OS X
* Microsoft Works Suite for Windows
For more complete information, refer to the Microsoft Security
Bulletin Summary for March 2006.
Overview
Microsoft has released updates that address critical vulnerabilities in Microsoft Office and Excel. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
I. Description
Microsoft Security Bulletin Summary for March 2006 addresses vulnerabilities in Microsoft Office and Excel. Further information is available in the following US-CERT Vulnerability Notes:
VU#339878 - Microsoft Excel malformed parsing format file memory corruption vulnerability
Microsoft Excel contains a memory corruption vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system.
(CVE-2006-0028)
VU#104302 - Microsoft Excel malformed record memory corruption vulnerability
Microsoft Excel fails to properly validate records. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system.
(CVE-2006-0031)
VU#123222 - Microsoft Excel malformed graphic memory corruption vulnerability
Microsoft Excel fails to properly validate graphics. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system.
(CVE-2006-0030)
VU#235774 - Microsoft Excel malformed description memory corruption vulnerability
Microsoft Excel fails to properly validate the description field. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system.
(CVE-2006-0029)
VU#642428 - Microsoft Excel fails to properly perform range validation when parsing document files
Microsoft Excel contains an error in range validation, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
(CVE-2005-4131)
VU#682820 - Microsoft Office routing slip buffer overflow
Microsoft Office contains a buffer overflow in the parsing of routing slips, which may allow an attacker to execute arbitrary code on a vulnerable system.
(CVE-2006-0009)
II. Impact
A remote, unauthenticated attacker could execute arbitrary code with the privileges of the user. If the user is logged on with administrative privileges, the attacker could take complete control of an affected system. An attacker may also be able to cause a denial of service.
III. Solution
Apply Updates
Microsoft has provided the updates for these vulnerabilities in the Security Bulletins and on the Microsoft Update site.
Workarounds
Please see the following US-CERT Vulnerability Notes for workarounds.
Appendix A. References
* Microsoft Security Bulletin Summary for March 2006 -
<http://www.microsoft.com/technet/security/bulletin/ms06-mar.mspx>
* US-CERT Vulnerability Note VU#339878 -
<http://www.kb.cert.org/vuls/id/339878>
* US-CERT Vulnerability Note VU#104302 -
<http://www.kb.cert.org/vuls/id/104302>
* US-CERT Vulnerability Note VU#123222 -
<http://www.kb.cert.org/vuls/id/123222>
* US-CERT Vulnerability Note VU#235774 -
<http://www.kb.cert.org/vuls/id/235774>
* US-CERT Vulnerability Note VU#642428 -
<http://www.kb.cert.org/vuls/id/642428>
* US-CERT Vulnerability Note VU#682820 -
<http://www.kb.cert.org/vuls/id/682820>
* CVE-2005-4131 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4131>
* CVE-2006-0009 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0009>
* CVE-2006-0028 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0028>
* CVE-2006-0029 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0029>
* CVE-2006-0030 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0030>
* CVE-2006-0031 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0031>
* Microsoft Update - <https://update.microsoft.com/microsoftupdate>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA06-073A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-073A Feedback VU#339878" in the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2006 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
March 14, 2006: Initial release