VID 28053
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description The Hotfix(822715) for 'Code Execution Vulnerability due to a flaw in Visual Basic for Application' has not been applied.
Microsoft Visual Basic for Applications (VBA) is a development technology for building client desktop packaged applications and integrating them with existing data and systems. It is included in MS Office products, which use it to perform certain functions. Versions 5.0, 6.0, 6.2 and 6.3 of VBA are vulnerable to a buffer overflow caused by improper checking of certain document properties that a host application passes to VBA when a document is opened. To exploit this vulnerability, a remote attacker can construct a specially crafted document of a type that supports VBA, such as a Word document, Excel spreadsheet or PowerPoint presentation, and persuade a user to open it. When the document is opened, the attacker can overflow a buffer and execute arbitrary code in the context of the logged-on user.

* Note: This check requires an account with administrative privileges that can log in to the host being scanned. If these conditions are not met, the check is not performed, resulting in a false negative for all vulnerable hosts.

* References:
http://www.microsoft.com/technet/security/bulletin/MS03-037.asp
http://archives.neohapsis.com/archives/bugtraq/2003-09/0037.html

* Software Affected:
Microsoft Visual Basic for Applications SDK 5.0, 6.0, 6.2, 6.3
Products That Include the Affected Software:
Microsoft Access 97, 2000, 2002
Microsoft Excel 97, 2000, 2002
Microsoft PowerPoint 97, 2000, 2002
Microsoft Project 2000, 2002
Microsoft Publisher 2002
Microsoft Visio 2000, 2002
Microsoft Word 97, 98(J), 2000, 2002
Microsoft Works Suite 2001, 2002, 2003
Microsoft Business Solutions Great Plains 7.5
Microsoft Business Solutions Dynamics 6.0, 7.0
Microsoft Business Solutions eEnterprise 6.0, 7.0
Microsoft Business Solutions Solomon 4.5, 5.0, 5.5
Recommendation Apply the appropriate patch for your system, as listed in Microsoft's security bulletin MS03-037 at http://www.microsoft.com/technet/security/bulletin/MS03-037.asp

1. Open the page for your product:
for MS Office 2000, http://microsoft.com/downloads/details.aspx?FamilyId=E2CCE199-9C4A-4EEC-A3EC-9F738017F275&displaylang=en
http://www.microsoft.com/office/ork/xp/journ/o2k0901a.htm (Administrative update only)
for MS Office XP (including Publisher 2002): http://microsoft.com/downloads/details.aspx?FamilyId=6F1FC4B0-29E9-44E0-A33D-AD6B4B6A8FF4&displaylang=en
http://www.microsoft.com/office/ork/xp/journ/oxp1001a.htm (Administrative update only)
for MS Project 2000, http://microsoft.com/downloads/details.aspx?FamilyId=E53A52E7-431D-4580-9733-B92A2B7BFD0D&displaylang=en
for MS Project 2002, http://microsoft.com/downloads/details.aspx?FamilyId=525BDE0A-0028-488A-8209-6E07D4603CCB&displaylang=en
for MS Visio 2002, http://microsoft.com/downloads/details.aspx?FamilyId=55944490-13C2-4043-BA2A-17AF02E9C73E&displaylang=en
for MS VBA 5.0, 6.0, 6.2, 6.3 or Access 97 or Excel 97 or PowerPoint 97, Word 97/98(J), Visio 2000, Works Suite 2001, BS (Business Solutions) Great Plains 7.5, BS Dynamics 6.0, 7.0, BS Solomon 4.5, 5.0, 5.5: Microsoft VBA Patch (http://microsoft.com/downloads/details.aspx?FamilyId=DA1A7ABA-CD3D-458B-9729-AB9094C9BD3F&displaylang=en)
2. Select a different language from the drop-down list and click the <Go> button.
3. Click the <Download> button to download the patch file.
4. Run the downloaded file to install the patch.

-- OR --

You can install this security patch from Office Update at http://www.office.microsoft.com/ProductUpdates/default.aspx
Related URL CVE-2003-0347 (CVE)
Related URL (SecurityFocus)
Related URL 13092 (ISS)