Symantec product detections for Microsoft monthly Security Advisories - May 2008
| Article:TECH139963 | | | Created: 2010-09-15 | | | Updated: 2013-01-09 | | | Article URL http://www.symantec.com/docs/TECH139963 |
Problem
This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Advisories.
Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Solution
May 13, 2008
|
ID and Rating
|
Description |
Details |
Intrusion Protection System (IPS) Response |
Other Detections |
|
CAN/CVE ID: CVE-2008-1091
BID: 29104
Microsoft ID: MS08-026
MSKB: 951207
Microsoft Rating: Critical |
Word Object Parsing Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Word 2000 SP3, 2002 SP3, 2003 SP2, 2003 SP3 Word Viewer 2003, 2003 SP3 Word 2007, 2007 SP1 Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Office 2004 and 2008 for Mac |
This is a remote code execution vulnerability affecting Word when handling specially crafted Rich Text Format (.rtf) files. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file. Successful exploitation of this vulnerability will result in the execution of attacker-supplied code in the context of the currently logged in user. |
Sig ID: 22932
Detected as"HTTP MS Word RTF File Code Exec"
Applicability: SCS – SU 130 NIS/NAV/N360 – SU 114 NIS08/NAV08 – SU 64 N360v2 – SU 64 SEP11 – SU 49 |
AV: Bloodhound.Exploit.192
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-1434
BID: 29105
Microsoft ID: MS08-026
MSKB: 951207
Microsoft Rating:
|
Word Cascading Style Sheet (CSS) Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Word 2000 SP3, 2002 SP3, 2003 SP2, 2003 SP3 Word Viewer 2003, 2003 SP3 Word 2007, 2007 SP1, Outlook 2007, 2007 SP1 Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Office 2004 and 2008 Mac |
This is a remote code execution vulnerability affecting Word. The vulnerability is in the handling of Word files that include a malformed CSS value. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file. Successful exploitation of this vulnerability will result in the execution of attacker-supplied code in the context of the currently logged in user. |
Sig ID: 22931
Detected as"HTTP MS Word CSS Remote Code Exec"
Applicability: SCS – SU 130 NIS/NAV/N360 – SU 114 NIS08/NAV08 – SU 64 N360v2 – SU 64 SEP11 – SU 49
|
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-0119
BID: 29158
Microsoft ID: MS08-027
MSKB: 951208
Microsoft Rating: Critical |
Publisher Object Handler Validation Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Publisher 2000 SP3, 2002 SP3, 2003 SP2, 2003 SP3, 2007, 2007 SP1 |
This is a remote code-execution vulnerability affecting Publisher. The vulnerability is in the validating of object header data in a maliciously crafted Publisher file. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file. Successful exploitation of this vulnerability will result in the execution of attacker-supplied code in the context of the currently logged in user. |
N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2007-6026
BID: 26468
Microsoft ID: MS08-028
MSKB: 950749
Microsoft Rating: Important |
Jet DB Engine MDB File Parsing Vulnerability
Remote Code Execution Vulnerability
This vulnerability affects the following products:
Jet 4.0 Database Engine |
This is a stack-based buffer-overflow affecting Microsoft Jet Database Engine. Attackers are exploiting this issue by placing a malicious MDB file in a Word file, and then distributing the Word file. Successful exploitation of this vulnerability will result in the execution of attacker-supplied code in the context of the currently logged in user. |
N/A |
AV: Bloodhound.Exploit.183
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-1437
BID: 29060
Microsoft ID: MS08-029
MSKB: 952044
Microsoft Rating: Moderate |
Malware Protection Engine Vulnerability
Denial of Service Vulnerability
This vulnerability affects the following products:
Live OneCare Antigen for Exchange 9.x, Antigen for SMTP Gateway 9.x Windows Defender for Windows XP, Vista Forefront Client Security, FCS for exchange and SharePoint Standalone System Sweeper located in Diagnostics and Recovery Toolset 6 |
This is a denial-of-service vulnerability affecting Malware Protection Engine. An attacker can exploit this issue by sending a malicious file to an affected system, or by placing the file at a publicly accessible location and tricking a victim into downloading the file. Successful exploitation of this vulnerability will cause the affected computer to become non-responsive and restart. |
N/A |
AV: N/A
Sygate IDS: N/A |
|
CAN/CVE ID: CVE-2008-1438
BID: 29073
Microsoft ID: MS08-029
MSKB: 952044
Microsoft Rating: Moderate |
Malware Protection Engine Vulnerability
Denial of Service Vulnerability
This vulnerability affects the following products:
Live OneCare Antigen for Exchange 9.x, Antigen for SMTP Gateway 9.x Windows Defender for Windows XP, Vista Forefront Client Security, FCS for Exchange and SharePoint Standalone System Sweeper located in Diagnostics and Recovery Toolset 6 |
This is a denial-of-service vulnerability affecting Malware Protection Engine. An attacker can exploit this issue by sending a malicious file to an affected system, or by placing the file at a publicly accessible location and tricking a victim into downloading the file. Successful exploitation of this vulnerability will cause the affected computer to become non-responsive and restart. |
N/A |
AV: N/A
Sygate IDS: N/A |
|
|
Related Articles
Legacy ID
2010030511372348
Article URL http://www.symantec.com/docs/TECH139963
Terms of use for this information are found in Legal Notices
Thank you.