| VID |
26264 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (929434) for 'Remote Code Execution Vulnerabilities in Microsoft Word' has not been applied. This update resolves newly discovered, public vulnerabilities in Microsoft Word that could allow an attacker to run arbitrary code on a user's system. Microsoft Word 2000, 2002, 2003 and Microsoft Works Suite 2000, 2002, 2003, 2004, 2005, and 2006 could allow a remote attacker to execute arbitrary code, caused by multiple vulnerabilities. By convincing a user to open a specially crafted Word document, an attacker could execute arbitrary code with the privileges of the user running Word. If the user is logged in with administrative privileges, the attacker could take complete control of a vulnerable system.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/Bulletin/MS07-014.mspx
http://www.kb.cert.org/vuls/id/167928
http://www.kb.cert.org/vuls/id/166700
http://www.kb.cert.org/vuls/id/996892
http://www.kb.cert.org/vuls/id/412225
http://www.frsirt.com/english/advisories/2006/4866
http://www.frsirt.com/english/advisories/2006/4920
http://www.frsirt.com/english/advisories/2007/0435
http://www.frsirt.com/english/advisories/2006/4997
http://www.frsirt.com/english/advisories/2007/0583
http://secunia.com/advisories/23232
http://secunia.com/advisories/23205
http://secunia.com/advisories/23950
http://research.eeye.com/html/alerts/zeroday/20061212.html
http://www.milw0rm.com/exploits/2922
http://www.milw0rm.com/sploits/12122006-djtest.doc
http://vil.mcafeesecurity.com/vil/content/v_141056.htm
http://vil.mcafeesecurity.com/vil/content/v_vul27249.htm
http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9005698&intsrc=hm_list
* Platforms Affected:
Microsoft Word 2003 Viewer Any version
Microsoft Office 2000 SP3
Microsoft Office 2003 SP1 and SP2
Microsoft Office XP SP3
Microsoft Word 2000, 2002, 2003
Microsoft Works Suite 2000, 2002, 2003, 2004, 2005, and 2006
Microsoft Windows Any version |
| Recommendation |
Apply the appropriate patch (929434) for your system, as listed in Microsoft Security Bulletin MS07-014 at http://www.microsoft.com/technet/security/bulletin/ms07-014.mspx |
| Related URL |
CVE-2006-3647,CVE-2006-3651,CVE-2006-4534,CVE-2006-4693 (CVE) |
| Related URL |
20341,20358 (SecurityFocus) |
| Related URL |
28775,29215,29224,29226 (ISS) |
|
