Executive Summary

Summary
Title: Microsoft Updates for Multiple Vulnerabilities
Information
Name: TA08-134A
First vendor Publication: 2008-05-13
Vendor: US-CERT
Last vendor Modification: 2008-05-13
Severity (Vendor): N/A
Revision: N/A

Security-Database Scoring CVSS v3

Cvss vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability Sub Score: NA
 

Security-Database Scoring CVSS v2

Cvss vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score: 9.3
Attack Range: Network
Cvss Impact Score: 10
Attack Complexity: Medium
Cvss Exploit Score: 8.6
Authentication: None Required

Detail

Microsoft has released updates that address vulnerabilities in Microsoft Windows, Office, Jet Database Engine, Windows Live OneCare, Antigen, Windows Defender, and Forefront Security.

I. Description

Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Office, Jet Database Engine, Windows Live OneCare, Antigen, Windows Defender, and Forefront Security as part of the Microsoft Security Bulletin Summary for May 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code. For more information, see the US-CERT Vulnerability Notes Database.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a denial of service.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the May 2008 Security Bulletin Summary. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects.
Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA08-134A.html

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-399 Resource Management Errors
33 % CWE-94 Failure to Control Generation of Code ('Code Injection')
17 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13981
 
Oval ID: oval:org.mitre.oval:def:13981
Title: Microsoft Malware Protection Engine Vulnerability-I
Description: Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (engine hang and restart) via a crafted file, a different vulnerability than CVE-2008-1438.
Family: windows Class: vulnerability
Reference(s): CVE-2008-1437
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Antigen for Exchange
Microsoft Antigen for SMTP Gateway
Microsoft Forefront Security for Exchange Server
Microsoft Forefront Security for SharePoint
Microsoft Windows Defender
Windows Live OneCare
Definition Id: oval:org.mitre.oval:def:14375
 
Oval ID: oval:org.mitre.oval:def:14375
Title: Microsoft Malware Protection Engine Vulnerability-II
Description: Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (disk space exhaustion) via a file with "crafted data structures" that trigger the creation of large temporary files, a different vulnerability than CVE-2008-1437.
Family: windows Class: vulnerability
Reference(s): CVE-2008-1438
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Antigen for Exchange
Microsoft Antigen for SMTP Gateway
Microsoft Forefront Security for Exchange Server
Microsoft Forefront Security for SharePoint
Microsoft Windows Defender
Windows Live OneCare
Definition Id: oval:org.mitre.oval:def:5012
 
Oval ID: oval:org.mitre.oval:def:5012
Title: Word Cascading Style Sheet (CSS) Vulnerability
Description: Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling error" that triggers memory corruption.
Family: windows Class: vulnerability
Reference(s): CVE-2008-1434
Version: 11
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Microsoft Word
Microsoft Office Compatibility Pack
Definition Id: oval:org.mitre.oval:def:5303
 
Oval ID: oval:org.mitre.oval:def:5303
Title: Publisher Object Handler Validation Vulnerability
Description: Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-0119
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Microsoft Publisher
Definition Id: oval:org.mitre.oval:def:5494
 
Oval ID: oval:org.mitre.oval:def:5494
Title: Object Parsing Vulnerability
Description: Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Rich Text Format (.rtf) file with a malformed string that triggers a "memory calculation error" and a heap-based buffer overflow, aka "Object Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-1091
Version: 13
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Microsoft Word
Microsoft Office Compatibility Pack
Definition Id: oval:org.mitre.oval:def:5578
 
Oval ID: oval:org.mitre.oval:def:5578
Title: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability
Description: Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.
Family: windows Class: vulnerability
Reference(s): CVE-2007-6026
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): Microsoft Jet 4.0 Database Engine

CPE : Common Platform Enumeration

Type Description Count
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Application 2
Application 8
Application 2
Application 1
Application 1
Application 2
Os 1
Os 1
Os 1
Os 1

SAINT Exploits

Description
Microsoft Jet Engine MDB file ColumnName buffer overflow

OpenVAS Exploits

Date Description
2008-09-03 Name : Windows Vulnerability in Microsoft Jet Database Engine
File : nvt/win_CVE-2007-6026.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
45033 Microsoft Publisher Object Handler Header Data Validation Arbitrary Code Exec...

45032 Microsoft Word Document Malformed CSS Handling Memory Corruption Arbitrary Co...

45031 Microsoft Office RTF File Handling Object Parsing Arbitrary Code Execution

A memory corruption flaw exists in Office. Word and Outlook fail to validate strings contained in RTF files, resulting in memory corruption. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution, resulting in a loss of integrity.

45028 Microsoft Malware Protection Engine File Parsing Disk-space Exhaustion DoS

45027 Microsoft Malware Protection Engine File Parsing Service DoS

44880 Microsoft Windows msjet40.dll MDB File Handling Overflow

A remote overflow exists in Microsoft Jet (msjet40.dll). The DLL fails to bounds-check user-supplied data, resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution, resulting in a loss of integrity.

Information Assurance Vulnerability Management (IAVM)

Date Description
2008-05-15 IAVM : 2008-A-0030 - Microsoft Jet Database Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0016013
2008-05-15 IAVM : 2008-A-0029 - Microsoft Publisher Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0016014

Snort® IPS/IDS

Date Description
2019-09-05 Microsoft Word malformed css remote code execution attempt
RuleID : 50895 - Revision : 1 - Type : FILE-OFFICE
2019-09-05 Microsoft Word malformed css remote code execution attempt
RuleID : 50894 - Revision : 1 - Type : FILE-OFFICE
2016-04-14 Microsoft Office Word RTF parsing memory corruption attempt
RuleID : 38237 - Revision : 1 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Access MSISAM file magic detected
RuleID : 23718 - Revision : 7 - Type : FILE-IDENTIFY
2014-01-10 Microsoft Office Access TJDB file magic detected
RuleID : 23717 - Revision : 7 - Type : FILE-IDENTIFY
2014-01-10 Microsoft Office Access JSDB file magic detected
RuleID : 23716 - Revision : 7 - Type : FILE-IDENTIFY
2014-01-10 Microsoft Office Access file magic detected
RuleID : 23715 - Revision : 8 - Type : FILE-IDENTIFY
2014-01-10 Microsoft Office Word RTF parsing memory corruption attempt
RuleID : 17743 - Revision : 19 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Publisher Object Handler Validation Code Execution attempted
RuleID : 17383 - Revision : 12 - Type : FILE-OFFICE
2014-01-10 Microsoft Malware Protection Engine file processing denial of service attempt
RuleID : 17306 - Revision : 10 - Type : OS-WINDOWS
2014-01-10 RTF control word overflow attempt
RuleID : 13803 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft malware protection engine denial of service attempt
RuleID : 13802 - Revision : 7 - Type : OS-WINDOWS
2014-01-10 Microsoft malware protection engine denial of service attempt
RuleID : 13798 - Revision : 8 - Type : OS-WINDOWS
2014-01-10 Microsoft Word malformed css remote code execution attempt
RuleID : 13790 - Revision : 13 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Access MSISAM file magic detected
RuleID : 13633 - Revision : 18 - Type : FILE-IDENTIFY
2014-01-10 Microsoft Office Access TJDB file magic detected
RuleID : 13630 - Revision : 18 - Type : FILE-IDENTIFY
2014-01-10 Microsoft Office Access JSDB file magic detected
RuleID : 13629 - Revision : 18 - Type : FILE-IDENTIFY
2014-01-10 Microsoft Office Access file magic detected
RuleID : 13626 - Revision : 22 - Type : FILE-IDENTIFY

Nessus® Vulnerability Scanner

Date Description
2010-10-20 Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms08-026.nasl - Type : ACT_GATHER_INFO
2008-05-13 Name : Arbitrary code can be executed on the remote host through Microsoft Word.
File : smb_nt_ms08-026.nasl - Type : ACT_GATHER_INFO
2008-05-13 Name : Arbitrary code can be executed on the remote host through Microsoft Publisher.
File : smb_nt_ms08-027.nasl - Type : ACT_GATHER_INFO
2008-05-13 Name : Arbitrary code can be executed on the remote host through the database engine.
File : smb_nt_ms08-028.nasl - Type : ACT_GATHER_INFO
2008-05-13 Name : It is possible to crash the antimalware program.
File : smb_nt_ms08-029.nasl - Type : ACT_GATHER_INFO