Ravens PHP Scripts

Microsoft Step-by-Step Interactive Training Bookmark Link File Buffer Overflow
Date: Tuesday, February 13, 2007 @ 19:17:30 CET
Topic: Security


SECUNIA ADVISORY ID: SA24121

VERIFY ADVISORY: http://secunia.com/advisories/24121/

CRITICAL: Highly critical

IMPACT: System access

WHERE: From remote

SOFTWARE: Microsoft Interactive Training 3.x - http://secunia.com/product/6508/

DESCRIPTION: A vulnerability has been reported in Microsoft Step-by-Step Interactive Training, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused by a boundary error in the handling of Step-by-Step Interactive Training bookmark link files (.cbo, .cbl, .cbm). This can be exploited to cause a buffer overflow via, e.g., a specially crafted web page. Successful exploitation allows execution of arbitrary code.

SOLUTION: Apply patches.
Microsoft Windows 2000 Service Pack 4: http://www.microsoft.com/downloads/details.aspx?FamilyId=128c57af-663a-4476-92f5-aab394cfc91a
Microsoft Windows XP Service Pack 2: http://www.microsoft.com/downloads/details.aspx?FamilyId=128c57af-663a-4476-92f5-aab394cfc91a
Microsoft Windows XP Professional x64 Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=e268ffd5-295c-45f7-afd1-60007e791f8c
Microsoft Windows Server 2003 (with or without SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=128c57af-663a-4476-92f5-aab394cfc91a
Microsoft Windows Server 2003 for Itanium-based Systems (with or without SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=5eeedd28-47a5-4b30-a913-c1150330ecbe
Microsoft Windows Server 2003 x64 Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=2760120e-96b2-42b2-b5df-6322c9385729

PROVIDED AND/OR DISCOVERED BY: The vendor credits Brett Moore of Security-Assessment.com

ORIGINAL ADVISORY: MS07-005 (KB923723): http://www.microsoft.com/technet/security/Bulletin/MS07-005.mspx

This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2753