US-CERT Technical Cyber Security Alert TA06-164A -- Microsoft Windows, Internet Explorer, Media Player, Word, PowerPoint, and Exchange Vulnerabilities

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                     National Cyber Alert System

               Technical Cyber Security Alert TA06-164A


Microsoft Windows, Internet Explorer, Media Player, Word, PowerPoint, and
Exchange Vulnerabilities

   Original release date: June 13, 2006
   Last revised: --
   Source: US-CERT


Systems Affected

     * Microsoft Windows
     * Microsoft Windows Media Player
     * Microsoft Internet Explorer
     * Microsoft PowerPoint for Windows and Mac OS X
     * Microsoft Word for Windows
     * Microsoft Office
     * Microsoft Works Suite
     * Microsoft Exchange Server Outlook Web Access

   For more complete information, refer to the Microsoft Security
   Bulletin Summary for June 2006.


Overview

   Microsoft has released updates that address critical vulnerabilities
   in Microsoft Windows, Word, PowerPoint, Media Player, Internet
   Explorer, and Exchange Server. Exploitation of these vulnerabilities
   could allow a remote, unauthenticated attacker to execute arbitrary
   code or cause a denial of service on a vulnerable system.


I. Description

   Microsoft Security Bulletin Summary for June 2006 addresses
   vulnerabilities in Microsoft Windows, Word, PowerPoint, Media Player,
   Internet Explorer, and Exchange Server. Further information is
   available in the following US-CERT Vulnerability Notes:

   VU#722753 - Microsoft IP Source Route Vulnerability 

   A vulnerability in Microsoft Windows could allow a remote attacker to
   execute arbitrary code on a vulnerable system.
   (CVE-2006-2379)

   VU#446012 - Microsoft Word object pointer memory corruption
   vulnerability 

   A memory corruption vulnerability in Microsoft Word could allow a
   remote attacker to execute arbitrary code with the privileges of the
   user running Word.
   (CVE-2006-2492)

   VU#190089 - Microsoft PowerPoint malformed record vulnerability 

   Microsoft PowerPoint fails to properly handle malformed records. This
   may allow a remote attacker to execute arbitrary code on a vulnerable
   system.
   (CVE-2006-0022)

   VU#923236 - Microsoft Windows ART image handling buffer overflow 

   Microsoft Windows ART image handling routines are vulnerable to a
   heap-based buffer overflow. This vulnerability may allow a remote,
   unauthenticated attacker to execute arbitrary code on a vulnerable
   system.
   (CVE-2006-2378)

   VU#390044 - Microsoft JScript memory corruption vulnerability 

   Microsoft JScript contains a memory corruption vulnerability. This
   vulnerability may allow a remote, unauthenticated attacker to execute
   arbitrary code on a vulnerable system.
   (CVE-2006-1313)

   VU#338828 - Microsoft Internet Explorer exception handling
   vulnerability 

   Microsoft Internet Explorer fails to properly handle exception
   conditions. This may allow a remote, unauthenticated attacker to
   execute arbitrary code.
   (CVE-2006-2218)

   VU#417585 - Microsoft DXImageTransform Light filter fails to validate
   input 

   The Microsoft DXImageTransform Light COM object fails to validate
   input, which may allow a remote attacker to execute arbitrary code on
   a vulnerable system.
   (CVE-2006-2383)

   VU#959049 - Multiple COM objects cause memory corruption in Microsoft
   Internet Explorer 

   Microsoft Internet Explorer (IE) allows instantiation of COM objects
   not designed for use in the browser, which may allow a remote attacker
   to execute arbitrary code or crash IE.
   (CVE-2006-2127)

   VU#136849 - Microsoft Internet Explorer UTF-8 decoding vulnerability 

   Microsoft Internet Explorer fails to properly decode UTF-8 encoded
   HTML. This may allow a remote, unauthenticated attacker to execute
   arbitrary code on a vulnerable system.
   (CVE-2006-2382)

   VU#909508 - Microsoft Graphics Rendering Engine fails to properly
   handle WMF images 

   Microsoft Windows Graphics Rendering Engine contains a vulnerability
   that may allow a remote attacker to execute arbitrary code on a
   vulnerable system.
   (CVE-2006-2376)

   VU#608020 - Microsoft Windows Media Player PNG processing buffer
   overflow 

   Microsoft Windows Media Player contains a stack-based buffer overflow
   vulnerability that may allow a remote, unauthenticated attacker to
   execute arbitrary code on a vulnerable system.
   (CVE-2006-0025)

   VU#814644 - Microsoft Remote Access Connection Manager service
   vulnerable to buffer overflow 

   A vulnerability in the Microsoft Remote Access Connection Manager may
   allow a remote attacker to execute arbitrary code on a vulnerable
   system.
   (CVE-2006-2371)

   VU#631516 - Microsoft Routing and Remote Access does not properly
   handle RPC requests 

   There is a vulnerability in the Microsoft Windows Routing and Remote
   Access Service that could allow an attacker to take control of the
   affected system.
   (CVE-2006-2370)

   VU#138188 - Microsoft Outlook Web Access for Exchange Server script
   injection vulnerability 

   A script injection vulnerability exists in Microsoft Exchange Server
   running Outlook Web Access.
   (CVE-2006-1193)

   In MS06-027 Microsoft has released updates for the Word vulnerability
   described in Technical Cyber Security Alert TA06-139A.


II. Impact

   A remote, unauthenticated attacker could execute arbitrary code on a
   vulnerable system. An attacker may also be able to cause a denial of
   service.


III. Solution

Apply Updates

   Microsoft has provided updates for these vulnerabilities in the
   Security Bulletins. Microsoft Windows updates are available on the
   Microsoft Update site.

Workarounds

   Please see the US-CERT Vulnerability Notes for workarounds.


Appendix A. References

     * Microsoft Security Bulletin Summary for June 2006 -
       <http://www.microsoft.com/technet/security/bulletin/ms06-jun.mspx>

     * Technical Cyber Security Alert TA06-139A -
       <http://www.us-cert.gov/cas/techalerts/TA06-139A.html>

     * US-CERT Vulnerability Notes for Microsoft Updates for June 2006 -
       <http://www.kb.cert.org/vuls/byid?searchview&query=ms06-june>

     * US-CERT Vulnerability Note VU#446012 -
       <http://www.kb.cert.org/vuls/id/446012>

     * US-CERT Vulnerability Note VU#190089 -
       <http://www.kb.cert.org/vuls/id/190089>

     * US-CERT Vulnerability Note VU#923236 -
       <http://www.kb.cert.org/vuls/id/923236>

     * US-CERT Vulnerability Note VU#390044 -
       <http://www.kb.cert.org/vuls/id/390044>

     * US-CERT Vulnerability Note VU#338828 -
       <http://www.kb.cert.org/vuls/id/338828>

     * US-CERT Vulnerability Note VU#417585 -
       <http://www.kb.cert.org/vuls/id/417585>

     * US-CERT Vulnerability Note VU#136849 -
       <http://www.kb.cert.org/vuls/id/136849>

     * US-CERT Vulnerability Note VU#909508 -
       <http://www.kb.cert.org/vuls/id/909508>

     * US-CERT Vulnerability Note VU#722753 -
       <http://www.kb.cert.org/vuls/id/722753>

     * US-CERT Vulnerability Note VU#959049 -
       <http://www.kb.cert.org/vuls/id/959049>

     * US-CERT Vulnerability Note VU#138188 -
       <http://www.kb.cert.org/vuls/id/138188>

     * US-CERT Vulnerability Note VU#608020 -
       <http://www.kb.cert.org/vuls/id/608020>

     * US-CERT Vulnerability Note VU#814644 -
       <http://www.kb.cert.org/vuls/id/814644>

     * US-CERT Vulnerability Note VU#631516 -
       <http://www.kb.cert.org/vuls/id/631516>

     * CVE-2006-2492 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2492>

     * CVE-2006-0022 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0022>

     * CVE-2006-2378 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2378>

     * CVE-2006-1313 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1313>

     * CVE-2006-2218 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2218>

     * CVE-2006-2383 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2383>

     * CVE-2006-2127 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2127>

     * CVE-2006-2382 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2382>

     * CVE-2006-2376 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2376>

     * CVE-2006-2379 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2379>

     * CVE-2006-1193 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1193>

     * CVE-2006-0025 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0025>

     * CVE-2006-2371 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2371>

     * CVE-2006-2370 -
       <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2370>

     * Microsoft Update - <https://update.microsoft.com/microsoftupdate>

     * Securing Your Web Browser -
       <http://www.us-cert.gov/reading_room/securing_browser/#Internet_Ex
       plorer>


 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/techalerts/TA06-164A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <cert@xxxxxxxx> with "TA06-164A Feedback VU#390044" in the
   subject.
 ____________________________________________________________________

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
 ____________________________________________________________________

   Produced 2006 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________


Revision History

   June 13, 2006: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRI8+kn0pj593lg50AQKHOwgAvRyUSM1UUAm9rMCEqmqK2F7Nc0zmyBF/
LJQMV04M44DBzO/uAJvj1Bagsg1+eCQB9L86qL3WzKZev200gkYUki1xOJ/S7yv2
8K3ovQ9g2HFTuovw6tO2GE6EO5tWyGO0RjW4juEIe03vUF8rvkBzhQFjl4YCK7Lk
J+O3eula74ZcDExuT/8tzbYmUnW2V5YB4n8THdZmwUcQBG8HgCiYBeA5Ne0Gs2/l
FqcGY6/GcileVChU98p3GBQWp8B+WSUSxGSFEmRl4BnRhB0Me8/RmJt0+Bxs+RJP
mokjmXu0dBFZUAMP0drS1ZBnhu8/s2jo0gvu5qoDmL4el5Y1Lj6bGA==
=k+F0
-----END PGP SIGNATURE-----

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux