Vulnerability Bulletins |
Ejecución de código en Microsoft Office |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Obtener acceso |
Dificulty | Experto |
Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
Property | Value |
Affected manufacturer | Microsoft |
Affected software |
Microsoft Office 2000 SP3 Microsoft Office XP SP3 Microsoft Office 2003 SP2 Microsoft Office 2004 para Mac |
Description |
|
Se ha descubierto una vulnerabilidad en Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2, y Office 2004 para Mac. La vulnerabilidad reside en un error no especificado relacionado con "memory handling error". Un atacante remoto podría ejecutar código arbitrario mediante un documento Office que contenga un objeto especialmente diseñado. Los boletines MS08-014 y MS08-016 sustituyen al MS08-013. |
|
Solution |
|
Actualización de software Microsoft (MS08-013) Office 2000 / patch Office2000-kb944425-fullfile-enu Office XP / patch OfficeXP-kb944423-fullfile-enu Office 2003 / patch Office2003-kb945185-fullfile-enu Office 2004 para Mac 11.4.0 Update http://www.microsoft.com/mac/downloads.mspx?pid=Mactopia_Office2004&fid=632EC4B3-B998-4F22-B9D6-93C09C385479%20viewer |
|
Standar resources |
|
Property | Value |
CVE | CVE-2008-0103 |
BID | 27738 |
Other resources |
|
Microsoft Security Bulletin (MS08-013) http://www.microsoft.com/technet/security/Bulletin/MS08-013.mspx Microsoft Security Bulletin (MS08-014) http://www.microsoft.com/technet/security/bulletin/MS08-014.mspx Microsoft Security Bulletin (MS08-016) http://www.microsoft.com/technet/security/bulletin/MS08-016.mspx |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2008-02-13 |
1.1 | Aviso emitido por Microsoft (MS08-014), aviso emitido por Microsoft (MS08-016). Descripción actualizada. | 2008-03-12 |