Symantec product detections for Microsoft monthly Security Advisories - December 2008
| Article:TECH139956 | | | Created: 2010-09-15 | | | Updated: 2013-01-09 | | | Article URL http://www.symantec.com/docs/TECH139956 |
Problem
This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Advisories.
Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Solution
December 9, 2008
|
ID and Rating
|
Description |
Details |
Intrusion Protection System (IPS) Response |
Other Detections |
|
CAN/CVE ID: CVE-2008-4252
BID: 32591
Microsoft ID: MS08-070 MSKB: 932349
Microsoft Rating: Critical |
DataGrid Control Memory Corruption Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Visual Basic 6.0 Runtime Extended Files Visual FoxPro 8.0 SP1 Visual FoxPro 9.0 SP1 and SP2 |
This is a remote code-execution vulnerability affecting the DataGrid ActiveX control for Visual Basic 6 An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malicious web page Successful exploitation of this vulnerability will result in the execution of arbitrary attacker-supplied code in the context of the currently logged in user |
Sig ID: 23187
Detected as "HTTP MS Datagrid ActiveX BO"
Applicability: SNS - SU 105 SGS - SU 69 SCS - SU 185 NIS/NAV/N360 - SU 176 NIS08/NAV08 - SU 136 N360v2 - SU 136 SEP11 - SU 89 |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4253
BID: 32592
Microsoft ID: MS08-070 MSKB: 932349
Microsoft Rating: Critical
|
FlexGrid Control Memory Corruption Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Visual Basic 6.0 Runtime Extended Files Visual FoxPro 8.0 SP1 Visual FoxPro 9.0 SP1 and SP2 Office Front Page 2002 SP3 Office Project 2003 SP3 |
This is a remote code-execution vulnerability affecting the FlexGrid ActiveX control for Visual Basic 6 An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malicious web page Successful exploitation of this vulnerability will result in the execution of arbitrary attacker-supplied code in the context of the currently logged in user |
Sig ID: 23192
Detected as "HTTP MS FlexGrid Memory Corruption"
Canary Sig ID: 50202
Detected as "MSIE MS FlexGrid Memory Corruption"
Applicability: SNS - SU 105 SGS - SU 69 SCS - SU 185 NIS/NAV/N360 - SU 176 NIS08/NAV08 - SU 136 N360v2 - SU 136 SEP11 - SU 89 |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4254
BID: 32612
Microsoft ID: MS08-070 MSKB: 932349
Microsoft Rating: Critical |
Hierarchical FlexGrid Control Memory Corruption Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Visual Basic 6.0 Runtime Extended Files "Visual FoxPro 8.0 SP1 "Visual FoxPro 9.0 SP1 and SP2 |
This is a remote code-execution vulnerability affecting the Hierarchical FlexGrid ActiveX control for Visual Basic 6 An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malicious web page Successful exploitation of this vulnerability will result in the execution of arbitrary attacker-supplied code in the context of the currently logged in user |
Sig ID: 23188
Detected as "HTTP MS DataGrid Memory Corruption"
Canary Sig ID: 50201 Detected as "MSIE MS DataGrid Mem Corruption"
Applicability: SNS - SU 105 SGS - SU 69 SCS - SU 185 NIS/NAV/N360 - SU 176 NIS08/NAV08 - SU 136 N360v2 - SU 136 SEP11 - SU 89
|
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4255
BID: 32613
Microsoft ID: MS08-070 MSKB: 932349
Microsoft Rating: Critical
Microsoft Rating: |
Windows Common AVI Parsing Overflow Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Visual Basic 6.0 Runtime Extended Files Visual Studio .NET 2002 SP1 Visual Studio .NET 2003 SP1 Visual FoxPro 8.0 SP1 Visual FoxPro 9.0 SP1 and SP2 Office Project 2003 SP3 Office Project 2007 Office Project 2007 SP1 |
This is a remote code-execution vulnerability affecting the Windows Common ActiveX control for Visual Basic 6 The vulnerability occurs due to the manner in which malformed AVI files are processed An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malicious web page Successful exploitation of this vulnerability will result in the execution of arbitrary attacker-supplied code in the context of the currently logged in user |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4256
BID: 32614
Microsoft ID: MS08-070 MSKB: 932349
Microsoft Rating: Critical
|
Charts Control Memory Corruption Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Visual Basic 6.0 Runtime Extended Files Visual Studio .NET 2002 SP1 Visual Studio .NET 2003 SP1 Visual FoxPro 8.0 SP1 Visual FoxPro 9.0 SP1 and SP2 |
This is a remote code-execution vulnerability affecting the Charts ActiveX control for Visual Basic 6 An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malicious web page Successful exploitation of this vulnerability will result in the execution of arbitrary attacker-supplied code in the context of the currently logged in user |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-3704
BID: 30674
Microsoft ID: MS08-070 MSKB: 932349
Microsoft Rating: Critical
|
Microsoft Visual Studio 'Msmask32.ocx' ActiveX Control Remote Buffer Overflow Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Visual Basic 6.0 Runtime Extended Files Visual Studio .NET 2002 SP1 Visual Studio .NET 2003 SP1 Visual FoxPro 8.0 SP1 Visual FoxPro 9.0 SP1 and SP2 |
This is a remote code-execution vulnerability affecting the 'Msmask32.ocx' ActiveX control The vulnerability is a stack based buffer overflow which occurs when the control handles overly large arguments to the "Mask" parameter An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malicious web page Successful exploitation of this vulnerability will result in the execution of arbitrary attacker-supplied code in the context of the currently logged in user |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-2249
BID: 32634
Microsoft ID: MS08-071 MSKB: 956802
Microsoft Rating: Critical |
GDI Integer Overflow Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Windows 2000 SP4 Windows XP SP2 and SP3 Windows XP Pro x64 Windows XP Pro x64 SP2 Windows Server 2003 SP1 and SP2 Windows Server 2003 x64 Windows Server 2003 x64 SP2 Windows Server 2003 SP1 and SP2 for Itanium-based Systems Windows Vista Windows Vista SP1 Windows Vista x64 Windows Vista x64 SP1 Windows Server 2008 for 32-bit Systems, x64-based Systems, and Itanium-based Systems |
This is a remote code-execution vulnerability affecting the GDI when processing a specially malformed header in a WMF file An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious WMF file Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged in user |
Sig ID: 23231
Detected as "HTTP MS GDI Integer BO"
Applicability: SNS - SU 105 SGS - SU 69 SCS - SU 185 NIS/NAV/N360 - SU 176 NIS08/NAV08 - SU 136 N360v2 - SU 136 SEP11 - SU 89 |
AV: Bloodhound.Exploit.214
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-3465
BID: 32637
Microsoft ID: MS08-071 MSKB: 956802
Microsoft Rating: Moderate
|
GDI Heap Overflow Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Windows 2000 SP4 Windows XP SP2 and SP3 Windows XP Pro x64 Windows XP Pro x64 SP2 Windows Server 2003 SP1 and SP2 Windows Server 2003 x64 Windows Server 2003 x64 SP2 Windows Server 2003 SP1 and SP2 for Itanium-based Systems Windows Vista Windows Vista SP1 Windows Vista x64 Windows Vista x64 SP1 Windows Server 2008 for 32-bit Systems, x64-based Systems, and Itanium-based Systems |
This is a remote code-execution vulnerability affecting the GDI when processing file size parameters in specially crafted WMF files An attacker can exploit this issue by tricking an unsuspecting victim into making a copy of a malicious WMF file with a third-party application that uses the GDI API Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged in user |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4024
BID: 32580
Microsoft ID: MS08-072 MSKB: 957173
Microsoft Rating: Critical
|
Word Memory Corruption Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Word 2000 SP3 Word 2002 SP3 Office 2004 for Mac |
This is a remote code-execution vulnerability affecting Word when handling a malicious Word file with a malformed record An attacker must trick a victim into opening a malicious file to exploit this issue Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4025
BID: 32579
Microsoft ID: MS08-072 MSKB: 957173
Microsoft Rating: Critical
|
Word RTF Object Parsing Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Word 2000 SP3 Word 2002 SP3 Word 2003 SP2 and SP3 Word 2007, and 2007 SP1 Outlook 2007, and 2007 SP1 Word Viewer 2003 Word Viewer 2003 SP3 Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 Office 2004 for Mac Office 2008 for Mac |
This is a remote code-execution vulnerability affecting Word when handling a malicious Rich Text Format (RTF) file with a malformed control word An attacker must trick a victim into opening a malicious file to exploit this issue Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: 23221
Detected as "HTTP MS Word RTF Parsing Code Exec"
Applicability: SNS - SU 105 SGS - SU 69 SCS - SU 185 NIS/NAV/N360 - SU 176 NIS08/NAV08 - SU 136 N360v2 - SU 136 SEP11 - SU 89 |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4026
BID: 32583
Microsoft ID: MS08-072 MSKB: 957173
Microsoft Rating: Critical |
Word Memory Corruption Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Word 2000 SP3 Word 2002 SP3 Word 2003 SP2 and SP3 Word 2007, and 2007 SP1 Word Viewer 2000 Word Viewer 2003 SP3 Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 Office 2004 for Mac Office 2008 for Mac |
This is a remote code-execution vulnerability affecting Word when handling a malicious Word file with a malformed value An attacker must trick a victim into opening a malicious file to exploit this issue Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: N/A |
AV: Bloodhound.Exploit.218
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4027
BID: 32581
Microsoft ID: MS08-072 MSKB: 957173
Microsoft Rating: Critical
|
Word RTF Object Parsing Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Word 2000 SP3 Word 2002 SP3 Word 2003 SP2 and SP3 Word 2007, and 2007 SP1 Outlook 2007, and 2007 SP1 Word Viewer 2003 Word Viewer 2003 SP3 Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 Office 2004 for Mac |
This is a remote code-execution vulnerability affecting Word when handling a malicious Rich Text Format (RTF) file with malformed control words An attacker must trick a victim into opening a malicious file to exploit this issue Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: 23222
Detected as "HTTP MS Word RTF Malformed Code Exec"
Applicability SNS - SU 105 SGS - SU 69 SCS - SU 185 NIS/NAV/N360 - SU 176 NIS08/NAV08 - SU 136 N360v2 - SU 136 SEP11 - SU 89 |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4030
BID: 32642
Microsoft ID: MS08-072 MSKB: 957173
Microsoft Rating: Critical
|
Word RTF Object Parsing Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Word 2000 SP3 Word 2002 SP3 Word 2003 SP2 and SP3 Word 2007, and 2007 SP1 Outlook 2007, and 2007 SP1 Word Viewer 2003 Word Viewer 2003 SP3 Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 |
This is a remote code-execution vulnerability affecting Word when handling a malicious Rich Text Format (RTF) file with a specially crafted control word An attacker must trick a victim into opening a malicious file to exploit this issue Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4028
BID: 32585
Microsoft ID: MS08-072 MSKB: 957173
Microsoft Rating: Critical |
Word RTF Object Parsing Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Word 2000 SP3 Word 2002 SP3 Word 2003 SP2 and SP3 Word 2007, and 2007 SP1 Outlook 2007, and 2007 SP1 Word Viewer 2003 Word Viewer 2003 SP3 Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 Office 2004 for Mac Office 2008 for Mac |
This is a remote code-execution vulnerability affecting Word when handling a malicious Rich Text Format (RTF) file with a specially crafted control word An attacker must trick a victim into opening a malicious file to exploit this issue Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: 23223
Detected as "HTTP MS Word RTF Obj Parsing Code Exec"
Applicability: SNS - SU 105 SGS - SU 69 SCS - SU 185 NIS/NAV/N360 - SU 176 NIS08/NAV08 - SU 136 N360v2 - SU 136 SEP11 - SU 89 |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4031
BID: 32594
Microsoft ID: MS08-072 MSKB: 957173
Microsoft Rating: Critical
|
Word RTF Object Parsing Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Word 2000 SP3 Word 2002 SP3 Word 2003 SP2 and SP3 Word 2007, and 2007 SP1 Outlook 2007, and 2007 SP1 Word Viewer 2003 Word Viewer 2003 SP3 Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 Works 8.5 Office 2004 for Mac Office 2008 for Mac |
This is a remote code-execution vulnerability affecting Word when handling a malicious Rich Text Format (RTF) file with a malformed string An attacker must trick a victim into opening a malicious file to exploit this issue Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: 23224
Detected as "HTTP MS Word RTF Malicious Code Exec"
Applicability: SNS - SU 105 SGS - SU 69 SCS - SU 185 NIS/NAV/N360 - SU 176 NIS08/NAV08 - SU 136 N360v2 - SU 136 SEP11 - SU 89 |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4837
BID: 32584
Microsoft ID: MS08-072 MSKB: 957173
Microsoft Rating: Critical
|
Word Memory Corruption Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Word 2000 SP3 Word 2002 SP3 Word 2003 SP2 and SP3 Word 2007, and 2007 SP1 Outlook 2007, and 2007 SP1 Word Viewer 2003 Word Viewer 2003 SP3 Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 Works 8.5 |
This is a remote code-execution vulnerability affecting Word when handling a malicious Word file with a malformed record value An attacker must trick a victim into opening a malicious file to exploit this issue Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4258
BID: 32596
Microsoft ID: MS08-073 MSKB: 958215
Microsoft Rating: Critical
|
Internet Explorer (IE) Parameter Validation Memory Corruption Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
IE 5.01 SP4 IE 6 SP1 |
This is a remote code-execution vulnerability affecting Internet Explorer (IE) due to how it handles certain navigation methods An attacker must trick a victim into visiting a website containing malicious content to exploit this issue Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4259
BID: 32586
Microsoft ID: MS08-073 MSKB: 958215
Microsoft Rating: Critical |
Internet Explorer (IE) HTML Objects Memory Corruption Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
IE 7 |
This is a remote code-execution vulnerability affecting Internet Explorer (IE) due to the way it accesses uninitialized memory in certain situations An attacker must trick a victim into visiting a website containing malicious content to exploit this issue Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: 23228
Detected as "HTTP MSIE Webdav Src BO"
Applicability: SNS - SU 105 SGS - SU 69 SCS - SU 185 NIS/NAV/N360 - SU 176 NIS08/NAV08 - SU 136 N360v2 - SU 136 SEP11 - SU 89 |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4260
BID: 32593
Microsoft ID: MS08-073 MSKB: 958215
Microsoft Rating: Critical |
Internet Explorer (IE) Uninitialized Memory Corruption Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
IE 7 |
This is a remote code-execution vulnerability affecting Internet Explorer (IE) due to the way it handles objects which have been deleted An attacker must trick a victim into visiting a website containing malicious content to exploit this issue Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4261
BID: 32595
Microsoft ID: MS08-073 MSKB: 958215
Microsoft Rating: Critical
|
Internet Explorer (IE) HTML Rendering Memory Corruption Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
IE 5.01 SP4 IE 6 IE 6 SP1 |
This is a remote code-execution vulnerability affecting Internet Explorer (IE) due to the way it embeds objects in a web page An attacker must trick a victim into visiting a website containing malicious content to exploit this issue Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: 23225
Detected as "HTTP MS IE Embed Src BO"
Applicability: SNS - SU 105 SGS - SU 69 SCS - SU 185 NIS/NAV/N360 - SU 176 NIS08/NAV08 - SU 136 N360v2 - SU 136 SEP11 - SU 89 |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4265
BID: 32618
Microsoft ID: MS08-074 MSKB: 959070
Microsoft Rating: Critical |
Excel File Format Parsing Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Excel 2000 SP3 |
This is a remote code-execution vulnerability affecting Excel due to memory corruption when loading Excel records An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious Excel file Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: N/A |
AV: Bloodhound.Exploit.230
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4264
BID: 32621
Microsoft ID: MS08-074 MSKB: 959070
Microsoft Rating: Critical
|
Excel File Format Parsing Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Excel 2000 SP3 Excel 2002 SP3 Excel 2003 SP3 Excel 2007, and 2007 SP1 Office Excel Viewer 2003 Office Excel Viewer 2003 SP3 Office Excel Viewer Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 Office 2004 for Mac Office 2008 for Mac Open XML File Format Converter for Mac |
This is a remote code-execution vulnerability affecting Excel due to pointer corruption when loading Excel formulas An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious Excel file Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: N/A |
AV: Bloodhound.Exploit.216
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4266
BID: 32622
Microsoft ID: MS08-074 MSKB: 959070
Microsoft Rating: Critical |
Excel Global Array Memory Corruption Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Excel 2000 SP3 Excel 2002 SP3 Excel 2003 SP3 Office Excel Viewer 2003 Office Excel Viewer 2003 SP3 |
This is a remote code-execution vulnerability affecting Excel due to stack corruption when loading Excel records An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious Excel file Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: 23229
Detected as "HTTP MS Excel Record Code Exec"
Applicability: NIS/NAV/N360 - SU 176 NIS08/NAV08 - SU 136 N360v2 - SU 136 |
AV: Bloodhound.Exploit.215
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4268
BID: 32651
Microsoft ID: MS08-075 MSKB: 959349
Microsoft Rating: Important |
Windows Saved Search Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Windows Vista Windows Vista SP1 Windows Vista x64 Windows Vista x64 SP1 Windows Server 2008 for 32-bit Systems, x64-based Systems, and Itanium-based Systems |
This is a remote code execution vulnerability affecting Windows Explorer when saving a specially crafted Windows Search file To exploit this issue an attacker must trick a victim into saving a malicious search file with Windows Explorer Successful exploitation of this vulnerability will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4269
BID: 32652
Microsoft ID: MS08-075 MSKB: 959349
Microsoft Rating: Critical
|
Windows Search Parsing Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Windows Vista Windows Vista SP1 Windows Vista x64 Windows Vista x64 SP1 Windows Server 2008 for 32-bit Systems, x64-based Systems, and Itanium-based Systems |
This is a remote code execution vulnerability affecting Windows Explorer in the "search-ms" protocol handler To exploit this issue an attacker must trick a victim into viewing a web page with a malicious "search-ms://" URI Successful exploitation of this vulnerability will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user |
Sig ID: 23226
Detected as "HTTP Windows Search RCE"
Applicability: SNS - SU 105 SGS - SU 69 SCS - SU 185 NIS/NAV/N360 - SU 176 NIS08/NAV08 - SU 136 N360v2 - SU 136 SEP11 - SU 89 |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-4032
BID: 32638
Microsoft ID: MS08-077 MSKB: 957175
Microsoft Rating: Important
|
Office Sharepoint Access Control Vulnerability
Elevation of Privilege Vulnerability
This vulnerability affects the following products:
Office SharePoint Server 2007 (32-bit editions) Office SharePoint Server 2007 SP1 (32-bit editions) Office SharePoint Server 2007 (64-bit editions) Office SharePoint Server 2007 SP1 (64-bit editions) |
This is remote authentication-bypass vulnerability affecting Sharepoint because it improperly permits access to certain administrative functions to unauthenticated users An attacker can exploit this issue with a web browser Successful exploitation of this vulnerability can result in denial of service conditions, information disclosure, and possibly allow the attacker to execute arbitrary script code in the context of the affected server |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-3009
BID: 32653
Microsoft ID: MS08-076 MSKB: 959807
Microsoft Rating: Important |
Windows Media Components SPN Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Windows Media Components 6.4 Windows Media Components 7.1 Windows Media Components 9.0 Windows Media Components 9.5 Windows Media Components 10 Windows Media Components 11 Windows Media Services 4.1 Windows Media Services 9 Windows Media Services 2008 |
This is a remote code execution vulnerability affecting the Service Principle Name (SPN) implementations of Windows Media Components that allows an attacker to reflect a victim's credentials back to the victim To exploit this issue an attacker must trick the victim into connecting and authenticating to a malicious Media Server Successful exploitation of this vulnerability will result in the execution of arbitrary code in the context of the currently logged-in user |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-3010
BID: 32654
Microsoft ID: MS08-076 MSKB: 959807
Microsoft Rating: Important |
Windows Media Components ISATAP Vulnerability
Information Disclosure Vulnerability
This vulnerability affects the following products:
Windows Media Components 6.4 Windows Media Components 7.1 Windows Media Components 9.0 Windows Media Components 9.5 Windows Media Components 10 Windows Media Components 11 Windows Media Services 4.1 Windows Media Services 9 Windows Media Services 2008 |
This is a remote code execution vulnerability affecting the Windows Media Component because of how it treats an external resource as internal when connecting to a server that is using an Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) address To exploit this issue an attacker must trick a victim into viewing a web page containing malicious content to exploit this issue Successful exploitation of this vulnerability will result in the disclosure of the victim's NTLM credentials. This may aid in further attacks |
Sig ID: N/A |
AV: N/A
Sygate IDS: N/A |
|
|
Related Articles
Legacy ID
2010030511372348
Article URL http://www.symantec.com/docs/TECH139956
Terms of use for this information are found in Legal Notices
Thank you.