CERT-In Vulnerability Note
CIVN-2006-0098
Multiple Remote Code Execution Vulnerabilities in Microsoft Word
Original Issue Date:October 11, 2006
Severity Rating: HIGH
Systems Affected
Microsoft Office 2000 Service Pack 3 Microsoft Office XP Service Pack 3 Microsoft Office 2003 Service Pack 1 or Service Pack 2 - Microsoft Office Word 2003
- Microsoft Office Word 2003 Viewer
Microsoft Works Suites: - Microsoft Works Suite 2004
- Microsoft Works Suite 2005
- Microsoft Works Suite 2006
Overview
Multiple vulnerabilities have been reported in Microsoft Word, exploitation of which could allow remote code execution and compromise of affected system.
Description
Microsoft Word Vulnerability CVE-2006-3647
Microsoft Word Malformed Stack Vulnerability
(
CVE-2006-4534
)
When Microsoft Word parses a specially crafted Word file which contains a malformed string, it may corrupt system memory in such a way that an attacker could execute arbitrary code. An attacker who successfully exploited this vulnerability could cause arbitrary code to run with the privileges of the user who opened the file. An attacker could exploit the vulnerability by sending a specially-crafted file to the user by mail and persuade the user to open the file or host a Web Site that contains a Word file that is used to attempt to exploit this vulnerability.
Microsoft Word Mail Merge Vulnerability
(
CVE-2006-3651
)
When Microsoft Word opens a specially crafted Word mail merge file, it may corrupt system memory in such a way that an attacker could execute arbitrary code. An attacker who successfully exploited this vulnerability could cause arbitrary code to run with the privileges of the user who opened the file. Such a specially crafted file might be included as an e-mail attachment or hosted on a malicious web site. Viewing or previewing a malformed e-mail message in an affected version of Outlook could not lead to exploitation of this vulnerability.
Workaround
Do not open or save Microsoft Word files that you receive from untrusted sources or that you received unexpectedly from trusted sources.
Solution
Apply appropriate updates as mentioned in the Microsoft Security Bulletin MS06-060 . Note: This security update has replaced a prior released security update MS06-027
Vendor Information
http://www.microsoft.com/technet/security/Bulletin/MS06-060.mspx
References
US-CERT
http://www.kb.cert.org/vuls/id/806548
Secunia
http://secunia.com/advisories/21735/
Security Focus
http://www.securityfocus.com/bid/20341/info
http://www.securityfocus.com/bid/20358/info
http://www.securityfocus.com/bid/19835/info
http://www.securityfocus.com/bid/20387/info
Security Tracker
http://securitytracker.com/alerts/2006/Oct/1017032.html
FrSirt
http://www.frsirt.com/english/advisories/2006/3979
CVE Name
CVE-2006-3647
CVE-2006-3651
CVE-2006-4534
CVE-2006-4693
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-2436857
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India
|