Microsoft Office Brazilian Portuguese Grammar Checker Remote Code Execution Vulnerability
BID:21942
Info
Microsoft Office Brazilian Portuguese Grammar Checker Remote Code Execution Vulnerability
| Bugtraq ID: | 21942 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2006-5574 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 09 2007 12:00AM |
| Updated: | Jan 13 2007 12:00AM |
| Credit: | Microsoft has disclosed this issue. |
| Vulnerable: |
Microsoft Word 2003 Microsoft Visio Multilingual User Interface 2003 SP2 Microsoft Visio Enterprise Architects 2003 0 Microsoft Visio 2003 Microsoft Publisher 2003 Microsoft Project Multilingual User Interface 2003 SP2 Microsoft PowerPoint 2003 0 Microsoft Outlook 2003 0 Microsoft OneNote 2003 0 Microsoft Office Proofing Tools 2003 SP2 Microsoft Office Multilingual User Interface 2003 SP2 Microsoft Office 2003 SP3 Microsoft Office 2003 SP2 Microsoft Office 2003 SP1 Microsoft Office 2003 0 Microsoft InfoPath 2003 Microsoft FrontPage 2003 Microsoft Excel 2003 Microsoft Access 2003 |
| Not Vulnerable: | |
Discussion
Microsoft Office Brazilian Portuguese Grammar Checker Remote Code Execution Vulnerability
Microsoft Office is prone to a remote code-execution vulnerability. This issue occurs when the application processes certain Office files.
Note that this issue may not be exploited automatically through email. For an attack to succeed, a victim must manually open an attachment sent by email or obtained through other means.
An attacker may exploit this issue to execute arbitrary code in the context of the currently logged-in user.
This issue affects the Microsoft Office 2003 Brazilian Grammar Checker application used in various Microsoft applications that have Brazilian Portuguese language support.
Microsoft Office is prone to a remote code-execution vulnerability. This issue occurs when the application processes certain Office files.
Note that this issue may not be exploited automatically through email. For an attack to succeed, a victim must manually open an attachment sent by email or obtained through other means.
An attacker may exploit this issue to execute arbitrary code in the context of the currently logged-in user.
This issue affects the Microsoft Office 2003 Brazilian Grammar Checker application used in various Microsoft applications that have Brazilian Portuguese language support.
Exploit / POC
Microsoft Office Brazilian Portuguese Grammar Checker Remote Code Execution Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution / Fix
Microsoft Office Brazilian Portuguese Grammar Checker Remote Code Execution Vulnerability
Solution:
Microsoft has released a security advisory and fixes addressing this issue. Please see the reference section for more information.
Microsoft Visio Multilingual User Interface 2003 SP2
Microsoft Office 2003 SP2
Microsoft Office 2003 0
Microsoft Office Proofing Tools 2003 SP2
Microsoft Office 2003 SP3
Microsoft Project Multilingual User Interface 2003 SP2
Microsoft Office Multilingual User Interface 2003 SP2
Microsoft Office 2003 SP1
Solution:
Microsoft has released a security advisory and fixes addressing this issue. Please see the reference section for more information.
Microsoft Visio Multilingual User Interface 2003 SP2
-
Microsoft Security Update for Visio Multilingual User Interface 2003 (KB921585)
http://www.microsoft.com/downloads/details.aspx?familyid=C5A29C81-419C -440B-BF0B-FEC0C0708430&displaylang=en
Microsoft Office 2003 SP2
-
Microsoft Security Update for Office 2003 (KB921585)
http://www.microsoft.com/downloads/details.aspx?familyid=B828BA91-A993 -41EC-839C-8995CCFAEC6B&displaylang=en
Microsoft Office 2003 0
-
Microsoft Security Update for Office 2003 (KB921585)
http://www.microsoft.com/downloads/details.aspx?familyid=B828BA91-A993 -41EC-839C-8995CCFAEC6B&displaylang=en
Microsoft Office Proofing Tools 2003 SP2
-
Microsoft Security Update for Proofing Tools 2003 (KB921585)
http://www.microsoft.com/downloads/details.aspx?familyid=51E9C97A-C35F -45AD-A587-8F08F1D34B7B&displaylang=en
Microsoft Office 2003 SP3
-
Microsoft Security Update for Office 2003 (KB921585)
http://www.microsoft.com/downloads/details.aspx?familyid=B828BA91-A993 -41EC-839C-8995CCFAEC6B&displaylang=en
Microsoft Project Multilingual User Interface 2003 SP2
-
Microsoft Security Update for Project Multilingual User Interface 2003 (KB921585)
http://www.microsoft.com/downloads/details.aspx?familyid=8F233E5D-1270 -4041-9CDD-C3541B7F4B40&displaylang=en
Microsoft Office Multilingual User Interface 2003 SP2
-
Microsoft Security Update for Office Multilingual User Interface 2003 (KB921585)
http://www.microsoft.com/downloads/details.aspx?familyid=C860DE66-DB1A -489D-8518-42CE468F5965&displaylang=en
Microsoft Office 2003 SP1
-
Microsoft Security Update for Office 2003 (KB921585)
http://www.microsoft.com/downloads/details.aspx?familyid=B828BA91-A993 -41EC-839C-8995CCFAEC6B&displaylang=en