|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 2542 CVE : CVE-2007-0038 SecurityRisk : High  (About) Remote Exploit : Yes Local Exploit : Yes Exploit Given : Yes Credit : Alexander Sotirov of Determina Security Research Published : 13.04.2007
Advisory Text : Vulnerability can be exploited and results in remote code execution with the privileges of the logged-in user. Overview This security advisory is an updated and specific version of a previous advisory that Determina had published on its "Zero-Day Vulnerabilities" page at http://www.determina.com/security_center/zero_day.asp. In December 2006, Determina announced that it had found a number of new vulnerabilities affecting Microsoft Windows and related products. These were privately reported to Microsoft by Determina and no public information was released on how to exploit these vulnerabilities. Today, Microsoft announced that they had found public exploits against one of these vulnerabilities - CVE-2007-0038. The problem relates to the processing of animated cursor icons, and the vulnerability is a buffer overflow in the processing code. Microsoft fixed a closely related vulnerability with their MS05-02 security update, but their fix was incomplete. Determina Security Research was able to bypass the patch and develop a proof-of-concept exploit that works on fully-patched Windows systems. As Microsoft has pointed out, any web page, email or content that can load an animated cursor can allow an attacker to take advantage of the vulnerability and run arbitrary code on the users system. Determina VPS Desktop and Server Editions offer "zero-day" protection against this vulnerability, and Determina customers have been continuously protected against this vulnerability even prior to its discovery in December 2006 and will be protected until Microsoft issues a patch for this issue in the future. Other security products (anti-virus, anti-spyware, host intrusion prevention products) will require continuous signature and pattern matching updates to keep up with the proliferation of attacks that take advantage of this vulnerability. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Determina) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information. SecurityReason Update : ------------------------------- More Advisories : Microsoft (KB925902): http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx Microsoft: http://www.microsoft.com/technet/security/advisory/935423.mspx http://blogs.technet.com/msrc/archive...-security-advisory-935423-posted.as px http://blogs.technet.com/msrc/archive...crosoft-security-advisory-935423.as px http://blogs.technet.com/msrc/archive...crosoft-security-advisory-935423.as px Exploits : http://securityreason.com/exploitalert/2265 http://securityreason.com/exploitalert/2276 http://securityreason.com/exploitalert/2252 http://securityreason.com/exploitalert/2238 http://securityreason.com/exploitalert/2233 http://securityreason.com/exploitalert/2232  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
Multiple Vendors libc/gdtoa printf(3) Array Overrun
SecurityReason realised new advisory about vulnerabilities libc/gdtoa... |
||
| Apache |  |
|
» Apache Tomcat |
||
» Apache Tomcat User |
||
| PHP | |
|
» PHP |
||
- 2009-05-30| Copyright © SecurityReason.com. All Rights Reserved. |