OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[Full-disclosure] Immunity: Word 0-day issue is problem in Smart Tags

From: Juha-Matti Laurio (juha-matti.laurionetti.fi)
Date: Tue Jun 13 2006 - 10:27:42 CDT


Microsoft will release a fix to code execution vulnerability in MS Word today
( http://www.microsoft.com/technet/security/advisory/919637.mspx
CVE-2006-2492 etc.)

Major sources say this vulnerability affecting Word 2003 and Word 2002 is problem in object handling.
But it appears that one vendor (Immunity Inc.) had their non-public PoC in late May, already.

After some hours we know more details about the vulnerability.
Especially I'm interested what was the reason to recommend using Office Viewers as a workaround. Maybe these viewers don't support Smart Tags.
MS has instruction to switch this feature off as well:
http://office.microsoft.com/en-gb/assistance/HP030832781033.aspx

I have written a detailed story to
http://blogs.securiteam.com/index.php/archives/436

- Juha-Matti

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/