F-Secure
Tools
Microsoft Office Brazilian Portuguese Grammar Checker Vulnerability
| Report ID: | SA23671 |
| Source: | Secunia |
| Date of Discovery: | 09.01.2007 |
| Criticality: | Moderate |
| Affects: | Microsoft Access 2003 Microsoft Excel 2003 Microsoft Frontpage 2003 Microsoft InfoPath 2003 Microsoft Office 2003 Professional Edition Microsoft Office 2003 Proofing Tools Microsoft Office 2003 Small Business Edition Microsoft Office 2003 Standard Edition Microsoft Office 2003 Student and Teacher Edition Microsoft OneNote 2003 Microsoft Outlook 2003 Microsoft Powerpoint 2003 Microsoft Publisher 2003 Microsoft Visio 2003 Microsoft Word 2003 |
| Compromise From: | From remote |
| Compromise Type: | System access |
Summary
A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.
Detailed Description
A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the Brazilian Portuguese grammar checker and can be exploited to corrupt memory by tricking a user into opening a specially crafted Office document.
Successful exploitation allows execution of arbitrary code.
The vulnerability is caused due to an error in the Brazilian Portuguese grammar checker and can be exploited to corrupt memory by tricking a user into opening a specially crafted Office document.
Successful exploitation allows execution of arbitrary code.
Solution
Apply patches.
Microsoft Office 2003 SP2 (Brazilian Portuguese Version):
http://www.microsoft.com/downloads/details.aspx?familyid=B828BA91-A993-41EC-839C-8995CCFAEC6B
Microsoft Office Multilingual User Interface 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=C860DE66-DB1A-489D-8518-42CE468F5965
Microsoft Project Multilingual User Interface 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=8F233E5D-1270-4041-9CDD-C3541B7F4B40
Microsoft Visio Multilingual User Interface 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=C5A29C81-419C-440B-BF0B-FEC0C0708430
Microsoft Office Proofing Tools 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=51E9C97A-C35F-45AD-A587-8F08F1D34B7B
Microsoft Office 2003 SP2 (Brazilian Portuguese Version):
http://www.microsoft.com/downloads/details.aspx?familyid=B828BA91-A993-41EC-839C-8995CCFAEC6B
Microsoft Office Multilingual User Interface 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=C860DE66-DB1A-489D-8518-42CE468F5965
Microsoft Project Multilingual User Interface 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=8F233E5D-1270-4041-9CDD-C3541B7F4B40
Microsoft Visio Multilingual User Interface 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=C5A29C81-419C-440B-BF0B-FEC0C0708430
Microsoft Office Proofing Tools 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=51E9C97A-C35F-45AD-A587-8F08F1D34B7B
CVE Reference
CVE-2006-5574