Vulnerability Bulletins |
Ejecución de código en Microsoft Word |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Obtener acceso |
| Dificulty | Principiante |
| Required attacker level | Acceso remoto sin cuenta a un servicio exotico |
System information |
|
| Property | Value |
| Affected manufacturer | Microsoft |
| Affected software |
Microsoft Office 2000 Microsoft Office XP Microsoft Office 2003 Microsoft Office 2004 Mac |
Description |
|
|
Se ha descubierto una vulnerabilidad en Microsoft Excel 2000, XP, 2003 y 2004 para plataformas Mac. La vulnerabilidad reside en un error no especificado. Un atacante remoto podría ejecutar código arbitrario mediante métodos desconocidos. Existe un exploit público disponible. El boletín MS08-016 sustituye al MS07-015. |
|
Solution |
|
|
Actualización de software Microsoft (MS07-015) Microsoft Office 2000 Service Pack 3 http://www.microsoft.com/downloads/details.aspx?familyid=20E089E7-7DD3-44A4-ABFE-6D8C27721683 Microsoft Office XP Service Pack 3 http://www.microsoft.com/downloads/details.aspx?FamilyId=C54B1FDA-1237-48F7-AD19-F0830EE0E8FF Microsoft Office 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=BB0973E7-275D-4491-9BA1-91EAEA84EEFD Microsoft Project 2000 Service Release 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=3DF54B5C-CB82-4A99-9B90-EDAB38AD6310 Microsoft Project 2002 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=419191DC-01B8-4E2A-BA5B-71BF3066C169 Microsoft Visio 2002 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=F50A5111-0926-4221-96DF-18294230ED1E Microsoft Office 2004 for Mac http://www.microsoft.com/mac/ |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2007-0671 |
| BID | |
Other resources |
|
|
Microsoft Security Advisory (932553) http://www.microsoft.com/technet/security/advisory/932553.mspx Microsoft Security Bulletin (MS07-015) http://www.microsoft.com/technet/security/Bulletin/MS07-015.mspx Microsoft Security Bulletin (MS08-016) http://www.microsoft.com/technet/security/bulletin/MS08-016.mspx |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2007-02-05 |
| 1.1 | Aviso emitido por Microsoft (MS07-015) | 2007-02-15 |
| 1.2 | Aviso emitido por Microsoft (MS08-016). Descripción actualizada. | 2008-03-12 |