Vulnerability Bulletins |
Ejecución de código en Microsoft Office |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Obtener acceso |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio exotico |
System information |
|
| Property | Value |
| Affected manufacturer | Microsoft |
| Affected software |
Microsoft Office 2003 Service Pack 2 (Brazilian Portuguese Version) Microsoft Office Multilingual User Interface 2003 Service Pack 2 Microsoft Project Multilingual User Interface 2003 Service Pack 2 Microsoft Visio Multilingual User Interface 2003 Service Pack 2 Microsoft Office Proofing Tools 2003 Service Pack 2 |
Description |
|
|
Se ha descubierto una vulnerabilidad en Microsoft Office 2003. La vulnerabilidad reside en un error en la validación de la gramática Brasileña-Portuguesa cuando Office abre un archivo y parsea el texto. Un atacante remoto podría ejecutar código arbitrario y tomar el control del sistema mediante un archivo corrupto en estos idiomas. |
|
Solution |
|
|
Actualización de software Microsoft Microsoft Office 2003 Service Pack 2 (Brazilian Portuguese Version) http://www.microsoft.com/downloads/details.aspx?familyid=B828BA91-A993-41EC-839C-8995CCFAEC6B Microsoft Office Multilingual User Interface 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=C860DE66-DB1A-489D-8518-42CE468F5965 Microsoft Project Multilingual User Interface 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=8F233E5D-1270-4041-9CDD-C3541B7F4B40 Microsoft Visio Multilingual User Interface 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=C5A29C81-419C-440B-BF0B-FEC0C0708430 Microsoft Office Proofing Tools 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=51E9C97A-C35F-45AD-A587-8F08F1D34B7B |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2006-5574 |
| BID | |
Other resources |
|
|
Microsoft Security Bulletin (MS07-001) http://www.microsoft.com/technet/security/Bulletin/MS07-001.mspx |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2007-01-10 |