SecurityTracker: Microsoft Office Web Components Bug in Spreadsheet ActiveX Control Lets Remote Users Execute Arbitrary Code

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Generic) > Microsoft Office

Vendors: Microsoft

Microsoft Office Web Components Bug in Spreadsheet ActiveX Control Lets Remote Users Execute Arbitrary Code

SecurityTracker Alert ID: 1022535

SecurityTracker URL: http://securitytracker.com/id/1022535

CVE Reference: CVE-2009-1136 (Links to External Site)

Updated: Oct 28 2009

Original Entry Date: Jul 13 2009

Impact: Execution of arbitrary code via network, User access via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): XP SP3, 2003 SP3

Description: A vulnerability was reported in Microsoft Office Web Components. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create specially crafted HTML that, when loaded by the target user, will invoke the Spreadsheet ActiveX control and trigger a memory corruption error and execute arbitrary code on the target system. The code will run with the privileges of the target user.

This vulnerability is being actively exploited on a limited basis.

The following product versions are also affected:

Microsoft Office XP Web Components Service Pack 3
Microsoft Office 2003 Web Components Service Pack 3
Microsoft Office 2003 Web Components for the 2007 Microsoft Office system Service Pack 1
Microsoft Internet Security and Acceleration Server 2004 Standard Edition Service Pack 3
Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition Service Pack 3
Microsoft Internet Security and Acceleration Server 2006
Internet Security and Acceleration Server 2006 Supportability Update
Microsoft Internet Security and Acceleration Server 2006 Service Pack 1
Microsoft Office Small Business Accounting 2006

Haifei Li of Fortinet's FortiGuard Global Security Research Team reported this vulnerability.

Impact: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

Solution: The vendor has issued the following fixes:

Microsoft Office XP Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=60e2e4e7-aa75-441d-b6fc-7e850bf8e580

Microsoft Office 2003 Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=95c94c9a-6aca-42fb-9679-3234f06c72f7

Microsoft Office 2000 Web Components Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=60e2e4e7-aa75-441d-b6fc-7e850bf8e580

Microsoft Office XP Web Components Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=60e2e4e7-aa75-441d-b6fc-7e850bf8e580

Microsoft Office 2003 Web Components Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=95c94c9a-6aca-42fb-9679-3234f06c72f7

Microsoft Office 2003 Web Components Service Pack 1 for the 2007 Microsoft Office System:

http://www.microsoft.com/downloads/details.aspx?familyid=644008e0-77c9-4a02-ac9b-e30d0930c4be

Microsoft Internet Security and Acceleration Server 2004 Standard Edition Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=8f79a073-27e8-46ef-87d8-f09b93521326

Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=8f79a073-27e8-46ef-87d8-f09b93521326

Microsoft Internet Security and Acceleration Server 2006 Standard Edition Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=8f79a073-27e8-46ef-87d8-f09b93521326

Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=8f79a073-27e8-46ef-87d8-f09b93521326

Microsoft BizTalk Server 2002:

http://www.microsoft.com/downloads/details.aspx?familyid=495839b6-0322-4755-997d-4a7762c53333

Microsoft Visual Studio .NET 2003 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=ba2915a0-f5f4-4e18-b0c0-534d2a948585

Microsoft Office Small Business Accounting 2006:

http://www.microsoft.com/downloads/details.aspx?familyid=0d77ddb3-4d34-4cfe-913b-d05981f59a82

A restart may be required.

On October 27, 2009, Microsoft rereleased MS09-043 to correct a detection issue for Office 2003 SP3 and Office 2003 Web Components SP3. The binaries were not changed. Customers that have already applied the fix do not need to reinstall the update.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms09-043.mspx

The original advisory is available at:

http://www.microsoft.com/technet/security/advisory/973472.mspx

Vendor URL: www.microsoft.com/technet/security/bulletin/ms09-043.mspx (Links to External Site)

Cause: Access control error

Underlying OS: Windows (Any)

Message History: None.

Source Message Contents

Date: Mon, 13 Jul 2009 12:01:20 -0400
Subject: Microsoft Office


http://www.microsoft.com/technet/security/advisory/973472.mspx

CVE-2009-1136

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2012, SecurityGlobal.net LLC