Date: 12 November 2008
References: ESB-2008.1058
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
A U S C E R T A L E R T
AL-2008.0113 -- AUSCERT ALERT
[Win]
MS08-069 Vulnerabilities in Microsoft XML Core Services
Could Allow Remote Code Execution
12 November 2008
===========================================================================
AusCERT Alert Summary
---------------------
Product: XML Core Services
Publisher: Microsoft
Operating System: Windows
Impact: Execute Arbitrary Code/Commands
Access Confidential Data
Access: Remote/Unauthenticated
CVE Names: CVE-2008-4033 CVE-2008-4029 CVE-2007-0099
Original Bulletin:
http://www.microsoft.com/technet/security/bulletin/ms08-069.mspx
- --------------------------BEGIN INCLUDED TEXT--------------------
Microsoft Security Bulletin MS08-069 Critical
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code
Execution (955218)
Published: November 11, 2008
Version: 1.0
General Information
Executive Summary
This security update resolves several vulnerabilities in Microsoft XML
Core Services. The most severe vulnerability could allow remote code
execution if a user viewed a specially crafted Web page using Internet
Explorer. Users whose accounts are configured to have fewer user rights
on the system could be less impacted than users who operate with
administrative user rights.
This security update is rated Critical for Microsoft XML Core Services
3.0 and Important for Microsoft XML Core Services 4.0, Microsoft XML Core
Services 5.0, and Microsoft XML Core Services 6.0.
The security update addresses the vulnerabilities by modifying the way
that Microsoft XML Core Services parses XML content, handles external
document type definitions (DTD), and sets HTTP request fields.
Recommendation. Microsoft recommends that customers apply the update
immediately.
Affected Software
o Microsoft Windows 2000 Service Pack 4
o Windows XP Service Pack 2
o Windows XP Service Pack 3
o Windows XP Professional x64 Edition and Windows XP Professional x64
Edition Service Pack 2
o Windows Server 2003 Service Pack 1 and Windows Server 2003 Service
Pack 2
o Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition
Service Pack 2
o Windows Server 2003 with SP1 for Itanium-based Systems and Windows
Server 2003 with SP2 for Itanium-based Systems
o Windows Vista
o Windows Vista Service Pack 1
o Windows Vista x64 Edition
o Windows Vista x64 Edition Service Pack 1
o Windows Server 2008 for 32-bit Systems*
o Windows Server 2008 for x64-based Systems*
o Windows Server 2008 for Itanium-based Systems
o Microsoft Office 2003 Service Pack 3
o Microsoft Word Viewer 2003 Service Pack 3
o 2007 Microsoft Office System
o 2007 Microsoft Office System Service Pack 1
o Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint
2007 File Formats
*Windows Server 2008 Server Core installation not affected
Non-Affected Software
o Microsoft Office 2000 Service Pack 3
o Microsoft Office XP Service Pack 3
o Microsoft Office SharePoint Portal Server 2001 Service Pack 3
o Microsoft Office SharePoint Portal Server 2003 Service Pack 3
o Microsoft Excel Viewer 2003 Service Pack 3
Vulnerability Information
MSXML Memory Corruption Vulnerability - CVE-2007-0099
A remote code execution vulnerability exists in the way that Microsoft
XML Core Services parses XML content. The vulnerability could allow remote
code execution if a user browses a Web site that contains specially crafted
content or opens specially crafted HTML e-mail.
MSXML DTD Cross-Domain Scripting Vulnerability - CVE-2008-4029
An information disclosure vulnerability exists in the way that Microsoft
XML Core Services handles error checks for external document type
definitions (DTDs). The vulnerability could allow information disclosure
if a user browses a Web site that contains specially crafted content or
opens specially crafted HTML e-mail.
MSXML Header Request Vulnerability - CVE-2008-4033
An information disclosure vulnerability exists in the way that Microsoft
XML Core Services handles transfer-encoding headers. The vulnerability
could allow information disclosure if a user browses a Web site that
contains specially crafted content or opens specially crafted HTML e-mail.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBSRou1ih9+71yA2DNAQJfBQP/Tipld52lSo/xhkJ8t3+ZtCxI/CC8z113
WT9on/DPKcQ44Ji3MvVCPp9Cs6IuyAeFF3xEl5BMe/S65NTuB1P9TrlUmKicX5su
QMVp30AAbzeyUfvps6MRKekhb5SgkjpOeWvVy/kX1977sSl1g0Keb8vbzP9Oq/+k
9vt0yMORRXY=
=1dpi
-----END PGP SIGNATURE-----
|