Ravens PHP Scripts

Microsoft Malware Protection Engine PDF File Parsing Vulnerability
Date: Tuesday, February 13, 2007 @ 19:19:51 PST
Topic: Security


SECUNIA ADVISORY ID: SA24146

VERIFY ADVISORY: http://secunia.com/advisories/24146/

CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

OPERATING SYSTEM: Microsoft Windows Vista - http://secunia.com/product/13223/

SOFTWARE:
Microsoft Windows Defender - http://secunia.com/product/13464/
Microsoft Forefront Security for SharePoint - http://secunia.com/product/13488/
Microsoft Forefront Security for Exchange Server - http://secunia.com/product/13487/
Microsoft Antigen 9.x - http://secunia.com/product/13422/
Microsoft Windows Live OneCare - http://secunia.com/product/13486/

DESCRIPTION: A vulnerability has been reported in Microsoft Malware Protection Engine, which can be exploited by malicious people to compromise a vulnerable system.




The vulnerability is caused due to an integer overflow error when parsing PDF (Portable Document Format) files. This can be exploited to cause a buffer overflow when a specially crafted PDF file is scanned. Successful exploitation allows execution of arbitrary code.

SOLUTION: Apply the latest Microsoft Malware Protection Engine update.

PROVIDED AND/OR DISCOVERED BY: The vendor credits Neel Mehta and Alex Wheeler, ISS X-Force.

ORIGINAL ADVISORY: MS07-010 (KB932135): http://www.microsoft.com/technet/security/Bulletin/MS07-010.mspx






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2755