TITLE:
Microsoft Office SharePoint Server Privilege Escalation Vulnerability

SECUNIA ADVISORY ID:
SA31455

VERIFY ADVISORY:
http://secunia.com/advisories/31455/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
From remote

SOFTWARE:
Microsoft Office SharePoint Server 2007
http://secunia.com/product/13227/

DESCRIPTION:
A vulnerability has been reported in Microsoft Office SharePoint Server, which can be exploited by malicious users to gain escalated privileges.

The vulnerability is caused by an error when parsing certain Excel record values. This can be exploited to gain the same privileges as the SharePoint server.

For more information:
SA31454

Successful exploitation requires an account on the SharePoint site with privileges to upload an Excel file and then create a web part using the file.

SOLUTION:
Apply patches.

Microsoft Office SharePoint Server 2007:
http://www.microsoft.com/downloads/details.aspx?FamilyId=a7731749-b026-4765-808a-e151b990f0e1

Microsoft Office SharePoint Server 2007 SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=a7731749-b026-4765-808a-e151b990f0e1

Microsoft Office SharePoint Server 2007 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=fc95ab88-2d31-44e1-a702-7cb10e83695b

Microsoft Office SharePoint Server 2007 x64 Edition SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=fc95ab88-2d31-44e1-a702-7cb10e83695b

PROVIDED AND/OR DISCOVERED BY:
The vendor credits TippingPoint and the Zero Day Initiative.

ORIGINAL ADVISORY:
MS08-043 (KB954066):
http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx

OTHER REFERENCES:
SA31454#3:
http://secunia.com/advisories/31454/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help everybody keep their systems up to date against the latest vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.

----------------------------------------------------------------------