Executive Summary
Summary | |
---|---|
Title | Microsoft Updates for Multiple Vulnerabilities |
Informations | |||
---|---|---|---|
Name | TA08-134A | First vendor Publication | 2008-05-13 |
Vendor | US-CERT | Last vendor Modification | 2008-05-13 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft has released updates that address vulnerabilities in Microsoft Windows, Office, Jet Database Engine, Windows Live OneCare, Antigen, Windows Defender, and Forefront Security. I. Description Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Office, Jet Database Engine, Windows Live OneCare, Antigen, Windows Defender, and Forefront Security as part of the Microsoft Security Bulletin Summary for May 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code. For more information, see the US-CERT Vulnerability Notes Database. II. Impact A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a denial of service. III. Solution Apply updates from Microsoft Microsoft has provided updates for these vulnerabilities in the May |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA08-134A.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-399 | Resource Management Errors |
33 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
17 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13981 | |||
Oval ID: | oval:org.mitre.oval:def:13981 | ||
Title: | Microsoft Malware Protection Engine Vulnerability-I | ||
Description: | Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (engine hang and restart) via a crafted file, a different vulnerability than CVE-2008-1438. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1437 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Antigen for Exchange Microsoft Antigen for SMTP Gateway Microsoft Forefront Security for Exchange Server Microsoft Forefront Security for SharePoint Microsoft Windows Defender Windows Live OneCare |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14375 | |||
Oval ID: | oval:org.mitre.oval:def:14375 | ||
Title: | Microsoft Malware Protection Engine Vulnerability-II | ||
Description: | Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (disk space exhaustion) via a file with "crafted data structures" that trigger the creation of large temporary files, a different vulnerability than CVE-2008-1437. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1438 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Antigen for Exchange Microsoft Antigen for SMTP Gateway Microsoft Forefront Security for Exchange Server Microsoft Forefront Security for SharePoint Microsoft Windows Defender Windows Live OneCare |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5012 | |||
Oval ID: | oval:org.mitre.oval:def:5012 | ||
Title: | Word Cascading Style Sheet (CSS) Vulnerability | ||
Description: | Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling error" that triggers memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1434 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Word Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5303 | |||
Oval ID: | oval:org.mitre.oval:def:5303 | ||
Title: | Publisher Object Handler Validation Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0119 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Publisher |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5494 | |||
Oval ID: | oval:org.mitre.oval:def:5494 | ||
Title: | Object Parsing Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Rich Text Format (.rtf) file with a malformed string that triggers a "memory calculation error" and a heap-based buffer overflow, aka "Object Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1091 | Version: | 13 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Word Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5578 | |||
Oval ID: | oval:org.mitre.oval:def:5578 | ||
Title: | Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability | ||
Description: | Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6026 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Jet 4.0 Database Engine |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 2 | |
Application |
| 8 |
Application | 2 | |
Application | 1 | |
Application | 1 | |
Application | 2 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 |
SAINT Exploits
Description | Link |
---|---|
Microsoft Jet Engine MDB file ColumnName buffer overflow | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2008-09-03 | Name : Windows Vulnerability in Microsoft Jet Database Engine File : nvt/win_CVE-2007-6026.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
45033 | Microsoft Publisher Object Handler Header Data Validation Arbitrary Code Exec... |
45032 | Microsoft Word Document Malformed CSS Handling Memory Corruption Arbitrary Co... |
45031 | Microsoft Office RTF File Handling Object Parsing Arbitrary Code Execution A memory corruption flaw exists in Office. Word and Outlook fail to validate strings contained in RTF files resulting in memory corruption. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
45028 | Microsoft Malware Protection Engine File Parsing Disk-space Exhaustion DoS |
45027 | Microsoft Malware Protection Engine File Parsing Service DoS |
44880 | Microsoft Windows msjet40.dll MDB File Handling Overflow A remote overflow exists in Microsoft Jet (msjet40.dll). The DLL fails to bounds check user-supplied data resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2008-05-15 | IAVM : 2008-A-0030 - Microsoft Jet Database Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0016013 |
2008-05-15 | IAVM : 2008-A-0029 - Microsoft Publisher Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0016014 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-09-05 | Microsoft Word malformed css remote code execution attempt RuleID : 50895 - Revision : 1 - Type : FILE-OFFICE |
2019-09-05 | Microsoft Word malformed css remote code execution attempt RuleID : 50894 - Revision : 1 - Type : FILE-OFFICE |
2016-04-14 | Microsoft Office Word RTF parsing memory corruption attempt RuleID : 38237 - Revision : 1 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Access MSISAM file magic detected RuleID : 23718 - Revision : 7 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft Office Access TJDB file magic detected RuleID : 23717 - Revision : 7 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft Office Access JSDB file magic detected RuleID : 23716 - Revision : 7 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft Office Access file magic detected RuleID : 23715 - Revision : 8 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft Office Word RTF parsing memory corruption attempt RuleID : 17743 - Revision : 19 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Publisher Object Handler Validation Code Execution attempted RuleID : 17383 - Revision : 12 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Malware Protection Engine file processing denial of service attempt RuleID : 17306 - Revision : 10 - Type : OS-WINDOWS |
2014-01-10 | RTF control word overflow attempt RuleID : 13803 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft malware protection engine denial of service attempt RuleID : 13802 - Revision : 7 - Type : OS-WINDOWS |
2014-01-10 | Microsoft malware protection engine denial of service attempt RuleID : 13798 - Revision : 8 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Word malformed css remote code execution attempt RuleID : 13790 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Access MSISAM file magic detected RuleID : 13633 - Revision : 18 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft Office Access TJDB file magic detected RuleID : 13630 - Revision : 18 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft Office Access JSDB file magic detected RuleID : 13629 - Revision : 18 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft Office Access file magic detected RuleID : 13626 - Revision : 22 - Type : FILE-IDENTIFY |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-10-20 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms08-026.nasl - Type : ACT_GATHER_INFO |
2008-05-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Word. File : smb_nt_ms08-026.nasl - Type : ACT_GATHER_INFO |
2008-05-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Publisher. File : smb_nt_ms08-027.nasl - Type : ACT_GATHER_INFO |
2008-05-13 | Name : Arbitrary code can be executed on the remote host through the database engine. File : smb_nt_ms08-028.nasl - Type : ACT_GATHER_INFO |
2008-05-13 | Name : It is possible to crash the antimalware program. File : smb_nt_ms08-029.nasl - Type : ACT_GATHER_INFO |