CERT-In Advisory CIAD-2008-15
Multiple Vulnerabilities in Microsoft Office Components
Original issue date:
March 12, 2008
Systems Affected
- Microsoft Office 2000
- Microsoft Office 2003
- Microsoft Office XP
- Microsoft Excel Viewer 2003
- 2007 Microsoft Office System
- Microsoft BizTalk Server
- Microsoft Commerce Server
- Microsoft ISA Server 2000
- Microsoft Office Web Components 2000
- Microsoft Visual Studio .NET 2002
- Microsoft Visual Studio .NET 2003
Overview
Multiple vulnerabilities have been reported Microsoft Office Components.
Description
The vulnerability notes released by CERT-In with reference to Microsoft Security Bulletins are given below:
| Microsoft Security Bulletin |
Severity |
CERT-In Vulnerability Notes |
| MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution |
High |
CIVN-2008-25: Microsoft Excel Multiple Vulnerabilities |
| MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution |
High |
CIVN-2008-26: Microsoft Outlook "mailto:" URI Handling Vulnerability |
| MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
|
High |
CIVN-2008-27: Multiple Remote Code Execution Vulnerabilities in Microsoft Office |
| MS08-017:Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution |
High |
CIVN-2008-28: Multiple Remote Code Execution Vulnerabilities in Microsoft Office Web Components |
Solution
Apply appropriate patches as mentioned in Microsoft Security Bulletin March 2008
http://www.microsoft.com/technet/security/bulletin/ms08-mar.mspx
Vendor Information
Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms08-mar.mspx
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
