16413: Vulnerability in Microsoft Office Could Allow Remote Code Execution (932553) (Remote File Checking)

Vulnerability in Microsoft Office Could Allow Remote Code Execution (932553) (Remote File Checking)

General Info

	TC:	16413
	Description:	A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error when handling strings and can be exploited to cause a memory corruption. Successful exploitation allows execution of arbitrary code. NOTE: According to Microsoft, the vulnerability is currently being actively exploited via Excel, but other Office applications may also be affected. This Testcase tests only Microsoft Office Excel component.
	TC Impact:	Gather Info

Specific Operations and Actions:

	Vulnerability Publication:	February 2, 2007
	Advisory Copyright:	Microsoft Corporation;
	Summary:	A vulnerability has been reported in Microsoft Office: * CVE-2007-0671, Handling strings - Memory corruption.
	Risk:	High
	CVSS 2.0 metrics:	Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
	CVSS 2.0 Base Score:	9.3

	Vulnerability Impact:	Attack

	Host Impact:	Remote Code Execution.
	Nature of Remediation:	Update the software.

	Step required to fix the reported vulnerability:
	*** Solution type: Upgrade Software *** Microsoft has not yet released a fix for this issue. See references for future fix posting.
	*** Solution type: Deploy Work Arounds *** Do not open or save Office files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources. This vulnerability could be exploited when a user opens a specially crafted Office file.

Glossary and References :

	References:
	Original advisory: http://www.microsoft.com/technet/security/advisory/932553.mspx Other references: * MISC:http://vil.nai.com/vil/content/v_141393.htm * MISC:http://www.avertlabs.com/research/blog/?p=191 * FRSIRT:ADV-2007-0463 * URL:http://www.frsirt.com/english/advisories/2007/0463 * SECTRACK:1017584 * URL:http://securitytracker.com/id?1017584

	CVE Link:	CVE-2007-0671

	Glossary:	Arbitrary Command Execution Buffer Overflow Office Remote Command Execution

© 2003-2010 NexantiS Corporation (www.securescout.com)
SecureScout is a trademark of NexantiS
All Rights Reserved
All products names referenced herein are trademarks of their respective companies

SecureScout products are certified:
CVE Compatible
SANS TOP 20 Compatible
CVSS Compatible (Common Vulnerability Scoring System)