---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Reversing must be a passion as your skills will be challenged on a daily basis and you will be working several hours everyday in IDA, Ollydbg, and with BinDiff. Often, it is also required that you write a PoC or even a working exploit to prove that an issue is exploitable. http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: Microsoft Office Filters Memory Corruption Vulnerabilities SECUNIA ADVISORY ID: SA21013 VERIFY ADVISORY: http://secunia.com/advisories/21013/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Microsoft Office 2000 http://secunia.com/product/24/ Microsoft Office 2003 Professional Edition http://secunia.com/product/2276/ Microsoft Office 2003 Small Business Edition http://secunia.com/product/2277/ Microsoft Office 2003 Standard Edition http://secunia.com/product/2275/ Microsoft Office 2003 Student and Teacher Edition http://secunia.com/product/2278/ Microsoft Office XP http://secunia.com/product/23/ Microsoft OneNote 2003 http://secunia.com/product/7140/ Microsoft Project 2000 http://secunia.com/product/158/ Microsoft Project 2002 http://secunia.com/product/157/ Microsoft Project 2003 http://secunia.com/product/3170/ Microsoft Works Suite 2004 http://secunia.com/product/3897/ Microsoft Works Suite 2005 http://secunia.com/product/8711/ Microsoft Works Suite 2006 http://secunia.com/product/8712/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system. 1) An error within the processing of GIF files can be exploited to corrupt memory via a specially crafted GIF file. 2) An error within the processing of PNG files can be exploited to corrupt memory via a specially crafted PNG file. Successful exploitation of the vulnerabilities allows execution of arbitrary code when a malicious file is opened. SOLUTION: Apply patches. Microsoft Office 2003 SP1 or SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=66C15CD1-A33B-4EB4-9D90-87DECF053768 Microsoft Office XP SP3: http://www.microsoft.com/downloads/details.aspx?FamilyId=1506FE89-1753-40AC-BB3E-A053B3EB6260 Microsoft Office 2000 SP3: http://www.microsoft.com/downloads/details.aspx?FamilyId=9B0A1795-DA76-4935-AA90-E6AEDC0CDE6B Microsoft Project 2002: http://www.microsoft.com/downloads/details.aspx?FamilyId=2194EC63-582E-4E64-B71F-99918BF14FFA Microsoft Project 2000: http://www.microsoft.com/downloads/details.aspx?FamilyId=42493E0C-91DE-49B0-B5B7-2214D55DE079 Microsoft Works Suite 2004: http://www.microsoft.com/downloads/details.aspx?FamilyId=1506FE89-1753-40AC-BB3E-A053B3EB6260 Microsoft Works Suite 2005: http://www.microsoft.com/downloads/details.aspx?FamilyId=1506FE89-1753-40AC-BB3E-A053B3EB6260 Microsoft Works Suite 2006: http://www.microsoft.com/downloads/details.aspx?FamilyId=1506FE89-1753-40AC-BB3E-A053B3EB6260 PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits NSFocus Security Team. 2) The vendor credits Fortinet. ORIGINAL ADVISORY: MS06-039 (KB915384): http://www.microsoft.com/technet/security/Bulletin/MS06-039.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------