-=PCTechTalk=- Fw: Microsoft Security Bulletin MS03-037: Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution(822715)

  • From: "Lionel" <percy10@xxxxxxxxxxxxxxx>
  • To: <pctechtalk@xxxxxxxxxxxxx>
  • Date: Thu, 4 Sep 2003 08:53:46 +1000

Thought I would send this along in case some of you did not get it.
Lionel.




----- Original Message -----
From: "Microsoft"
<0_51915_C8FF513D-EDB5-B44D-83E5-CF713652B20B_AU@xxxxxxxxxxxxxxxxxxxxxxxxx>
To: <percy10@xxxxxxxxxxxxxxx>
Sent: Thursday, September 04, 2003 7:20 AM
Subject: Microsoft Security Bulletin MS03-037: Flaw in Visual Basic for
Applications Could Allow Arbitrary Code Execution(822715)


> ----------------------------------------------------------------------
> Title:  Flaw in Visual Basic for Applications Could Allow
> Arbitrary Code Execution (822715)
> Date:   03 September 2003
>
> Affected Software:
> Microsoft Visual Basic for Applications SDK 5.0
> Microsoft Visual Basic for Applications SDK 6.0
> Microsoft Visual Basic for Applications SDK 6.2
> Microsoft Visual Basic for Applications SDK 6.3
>
> Products which include the affected software:
> Microsoft Access 97
> Microsoft Access 2000
> Microsoft Access 2002
> Microsoft Excel 97
> Microsoft Excel 2000
> Microsoft Excel 2002
> Microsoft PowerPoint 97
> Microsoft PowerPoint 2000
> Microsoft PowerPoint 2002
> Microsoft Project 2000
> Microsoft Project 2002
> Microsoft Publisher 2002
> Microsoft Visio 2000
> Microsoft Visio 2002
> Microsoft Word 97
> Microsoft Word 98(J)
> Microsoft Word 2000
> Microsoft Word 2002
> Microsoft Works Suite 2001
> Microsoft Works Suite 2002
> Microsoft Works Suite 2003
> Microsoft Business Solutions Great Plains 7.5
> Microsoft Business Solutions Dynamics 6.0
> Microsoft Business Solutions Dynamics 7.0
> Microsoft Business Solutions eEnterprise 6.0
> Microsoft Business Solutions eEnterprise 7.0
> Microsoft Business Solutions Solomon 4.5
> Microsoft Business Solutions Solomon 5.0
> Microsoft Business Solutions Solomon 5.5
>
> Impact:     Run code of attacker's choice
> Max Risk:   Critical
> Bulletin:   MS03-037
>
> Microsoft encourages customers to review the Security Bulletins
> at:
> http://www.microsoft.com/technet/security/bulletin/MS03-037.asp
> http://www.microsoft.com/security/security_bulletins/ms03-037.asp
> ----------------------------------------------------------------------
>
> Issue:
> ======
> Microsoft VBA is a development technology for developing client
> desktop packaged applications and integrating them with existing
> data and systems. Microsoft VBA is based on the Microsoft Visual
> Basic development system. Microsoft Office products include VBA
> and make use of VBA to perform certain functions. VBA can also be
> used to build customized applications based around an existing
> host application.
>
> A flaw exists in the way VBA checks document properties passed to
> it when a document is opened by the host application. A buffer
> overrun exists which if exploited successfully could allow an
> attacker to execute code of their choice in the context of the
> logged on user.
>
> In order for an attack to be successful, a user would have to
> open a specially crafted document sent to them by an attacker.
> This document could be any type of document that supports VBA,
> such as a Word document, Excel spreadsheet, PowerPoint
> presentation. In the case where Microsoft Word is being used as
> the HTML e-mail editor for Microsoft Outlook, this document could
> be an e-mail, however the user would need to reply to, or forward
> the mail message in order for the vulnerability to be exploited.
>
> Mitigating Factors:
> ====================
> - The user must open a document sent to them by an attacker in
> order for this vulnerability to be exploited.
> - When Microsoft Word is being used as the HTML e-mail editor in
> Outlook, a user would need to reply to or forward a malicious
> e-mail document sent to them in order for this vulnerability to be
> exploited.
> - An attacker's code could only run with the same rights as the
> logged on user. The specific privileges the attacker could gain
> through this vulnerability would therefore depend on the
> privileges granted to the user. Any limitations on a user's
> account, such as those applied through Group Policies, would also
> limit the actions of any arbitrary code executed by this
> vulnerability.
>
> Risk Rating:
> ============
>  - Critical
>
> Patch Availability:
> ===================
>  - A patch is available to fix this vulnerability. Please read
> the Security Bulletins at
> http://www.microsoft.com/technet/security/bulletin/ms03-037.asp
> http://www.microsoft.com/security/security_bulletins/ms03-037.asp
> for information on obtaining this patch.
>
> Acknowledgment:
> ===============
>  - eEye Digital Security, http://www.eeye.com
>
> ---------------------------------------------------------------------
>
> THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS
> PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
> DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
> THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
> PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS
> BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
> INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
> DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
> ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT
> ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL
> OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

