Korean

<< Back VID 26236 Severity 40 Port 139,445 Protocol TCP Class SMB Detailed Description The hotfix (924554) for 'Remote Code Execution Vulnerabilities in Microsoft Word' has not been applied. This update resolves newly discovered, public vulnerabilities in Microsoft Word that could allow an attacker to run arbitrary code on a user's system. Microsoft Word 2000, 2002, 2003 and Microsoft Works Suite 2000, 2001, 2002, 2003, 2004, 2005, and 2006 could allow a remote attacker to execute arbitrary code, caused by multiple vulnerabilities. By convincing a user to open a specially crafted Word document, an attacker could execute arbitrary code with the privileges of the user running Word. If the user is logged in with administrative privileges, the attacker could take complete control of a vulnerable system. * Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts. * References: http://www.microsoft.com/technet/security/Bulletin/MS06-060.mspx http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-090219-2855-99 http://vil.mcafeesecurity.com/vil/content/v_119055.htm http://www.frsirt.com/english/advisories/2006/3448 http://secunia.com/advisories/21735 http://isc.sans.org/diary.php?storyid=1669 http://blogs.securiteam.com/?p=586 http://securitytracker.com/id?1016787 * Platforms Affected: Microsoft Word 2003 Viewer Any version Microsoft Office 2000 SP3 Microsoft Office 2003 SP1 and SP2 Microsoft Office XP SP3 Microsoft Word 2000, 2002, 2003 Microsoft Works Suite 2000, 2001, 2002, 2003, 2004, 2005, and 2006 Microsoft Windows Any version Recommendation Apply the appropriate patch (924554) for your system, as listed in Microsoft Security Bulletin MS06-060 at http://www.microsoft.com/technet/security/bulletin/ms06-060.mspx Related URL CVE-2006-2492 (CVE) Related URL 18037 (SecurityFocus) Related URL 26554,26556 (ISS)