1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP MS Office Web Components Code Exec 1

HTTP MS Office Web Components Code Exec 1

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a vulnerability in Microsoft Office Web Components which may result in remote code execution.

Additional Information

Microsoft Office Web Components are tools used to publish and view Office documents on the web.

An unspecified ActiveX control included in Office Web Components is prone to a remote code-execution vulnerability. The control is identified by the following CLSIDs:

0002E541-0000-0000-C000-000000000046
0002E559-0000-0000-C000-000000000046

Few technical details are currently available. We will update this BID as more information emerges.

An attacker could exploit this issue by enticing a victim to visit a maliciously crafted site.

Successful exploits may allow the attacker to execute arbitrary code with the privileges of the user running the application.

Affected

  • Microsoft Office XP SP3
  • + Microsoft Excel 2002 SP3
  • + Microsoft Excel 2002 SP3
  • + Microsoft FrontPage 2002 SP3
  • + Microsoft FrontPage 2002 SP3
  • + Microsoft Outlook 2002 SP3
  • + Microsoft Outlook 2002 SP3
  • + Microsoft PowerPoint 2002 SP3
  • + Microsoft PowerPoint 2002 SP3
  • + Microsoft Publisher 2002 SP3
  • + Microsoft Publisher 2002 SP3
  • Microsoft Office XP SP2
  • - Microsoft Windows 2000 Professional SP3
  • - Microsoft Windows 2000 Professional SP2
  • - Microsoft Windows 2000 Professional SP1
  • - Microsoft Windows 2000 Professional
  • - Microsoft Windows 98
  • - Microsoft Windows 98SE
  • - Microsoft Windows ME
  • - Microsoft Windows NT Workstation 4.0 SP6a
  • - Microsoft Windows NT Workstation 4.0 SP6
  • - Microsoft Windows NT Workstation 4.0 SP5
  • - Microsoft Windows NT Workstation 4.0 SP4
  • - Microsoft Windows NT Workstation 4.0 SP3
  • - Microsoft Windows NT Workstation 4.0 SP2
  • - Microsoft Windows NT Workstation 4.0 SP1
  • - Microsoft Windows NT Workstation 4.0
  • - Microsoft Windows XP Home SP1
  • - Microsoft Windows XP Home
  • - Microsoft Windows XP Professional SP1
  • - Microsoft Windows XP Professional
  • Microsoft Office XP SP1
  • - Microsoft Windows 2000 Professional SP2
  • - Microsoft Windows 2000 Professional SP1
  • - Microsoft Windows 2000 Professional
  • - Microsoft Windows 98
  • - Microsoft Windows ME
  • - Microsoft Windows NT Workstation 4.0 SP6a
  • - Microsoft Windows NT Workstation 4.0 SP6
  • - Microsoft Windows NT Workstation 4.0 SP5
  • - Microsoft Windows NT Workstation 4.0 SP4
  • - Microsoft Windows NT Workstation 4.0 SP3
  • - Microsoft Windows NT Workstation 4.0 SP2
  • - Microsoft Windows NT Workstation 4.0 SP1
  • - Microsoft Windows NT Workstation 4.0
  • - Microsoft Windows XP Home
  • - Microsoft Windows XP Professional
  • Microsoft Office XP
  • - Microsoft Windows 2000 Professional SP2
  • - Microsoft Windows 2000 Professional SP1
  • - Microsoft Windows 2000 Professional
  • - Microsoft Windows 98
  • - Microsoft Windows ME
  • - Microsoft Windows NT Workstation 4.0 SP6a
  • - Microsoft Windows NT Workstation 4.0 SP6
  • - Microsoft Windows NT Workstation 4.0 SP5
  • - Microsoft Windows NT Workstation 4.0 SP4
  • - Microsoft Windows NT Workstation 4.0 SP3
  • - Microsoft Windows NT Workstation 4.0 SP2
  • - Microsoft Windows NT Workstation 4.0 SP1
  • - Microsoft Windows NT Workstation 4.0
  • - Microsoft Windows XP Home
  • - Microsoft Windows XP Professional
  • Microsoft Office 2003 SP3
  • Microsoft Office 2003 SP2
  • Microsoft Office 2003 SP1
  • Microsoft Office 2003 0
  • + Microsoft Excel 2003
  • + Microsoft FrontPage 2003
  • + Microsoft InfoPath 2003
  • + Microsoft OneNote 2003 0
  • + Microsoft Outlook 2003 0
  • + Microsoft PowerPoint 2003 0
  • + Microsoft Publisher 2003
  • Microsoft Microsoft Office Small Business Accounting 2006 0
  • Microsoft Internet Security and Acceleration Server 2006 Supportability Up 0
  • Microsoft Internet Security and Acceleration Server 2006 SP1
  • Microsoft Internet Security and Acceleration Server 2006 0
  • Microsoft Internet Security and Acceleration Server 2004 Standard Edition SP3
  • Microsoft Internet Security and Acceleration Server 2004 Enterprise Editio SP3

Response

Download and install all vendor patches related to this vulnerability.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube