Post by Arne on Nov 14, 2008 9:29:49 GMT 1
CRITICAL:
Microsoft XML Core Services Multiple Vulnerabilities (MS08-069)
Affected:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Office
Description:
Microsoft XML Core Services are a collection of components in various Microsoft products that are used to parse XML content. These components contain multiple vulnerabilities in their handling of a variety of XML content. A specially crafted web page containing XML data could trigger a memory corruption vulnerability leading to remote code execution with the privileges of the current user. Other vulnerabilities could lead to information disclosure or cross site scripting vulnerabilities. Some technical details and a proof-of-concept are publicly available for these vulnerabilities.
Status:
Vendor confirmed, updates available.
References:
Microsoft Security Bulletin
www.microsoft.com/technet/security/bulletin/ms08-069.mspx
SANS Internet Storm Center Handler's Diary Entry
isc.sans.org/diary.html?storyid=2181&rss
Posting by Michal Zalewski
www.securityfocus.com/archive/1/455965
Proof-of-Concept (direct link)
lcamtuf.coredump.cx/iediex/iediex.html
SecurityFocus BIDs
www.securityfocus.com/bid/32204
www.securityfocus.com/bid/21872
www.securityfocus.com/bid/32155
Source: www.qualys.com/index.php
Microsoft XML Core Services Multiple Vulnerabilities (MS08-069)
Affected:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Office
Description:
Microsoft XML Core Services are a collection of components in various Microsoft products that are used to parse XML content. These components contain multiple vulnerabilities in their handling of a variety of XML content. A specially crafted web page containing XML data could trigger a memory corruption vulnerability leading to remote code execution with the privileges of the current user. Other vulnerabilities could lead to information disclosure or cross site scripting vulnerabilities. Some technical details and a proof-of-concept are publicly available for these vulnerabilities.
Status:
Vendor confirmed, updates available.
References:
Microsoft Security Bulletin
www.microsoft.com/technet/security/bulletin/ms08-069.mspx
SANS Internet Storm Center Handler's Diary Entry
isc.sans.org/diary.html?storyid=2181&rss
Posting by Michal Zalewski
www.securityfocus.com/archive/1/455965
Proof-of-Concept (direct link)
lcamtuf.coredump.cx/iediex/iediex.html
SecurityFocus BIDs
www.securityfocus.com/bid/32204
www.securityfocus.com/bid/21872
www.securityfocus.com/bid/32155
Source: www.qualys.com/index.php