Published: 2009-11-16T21:15+00:00    Last Updated: 2009-11-16T21:15+00:00

JVNTR-2009-26
Microsoft Updates for Multiple Vulnerabilities (TA09-314A)

Overview

Microsoft has released updates to address vulnerabilities in Microsoft Windows and Windows Server and Office Word and Excel.

Event Information


Date (UTC)Description
2009-11-12 17:02 VUPEN
VUPEN/ADV-2009-3193: Microsoft Office Excel Code Execution Vulnerabilities
Excel Document Parsing Heap Overflow Vulnerability (CVE-2009-3130, MS09-067)
Excel Formula Parsing Memory Corruption Vulnerability (CVE-2009-3131, MS09-067)
Excel Index Parsing Vulnerability (CVE-2009-3132, MS09-067)
Excel Document Parsing Memory Corruption Vulnerability (CVE-2009-3133, MS09-067)
Vulnerability Disclosure
These vulnerabilities are caused by memory corruptions, invalid index, and invalid pointer errors when processing malformed Excel documents, which could allow attackers to execute arbitrary code via a specially crafted XLS file.
2009-11-11 02:01 JPCERT/CC
JPCERT-AT-2009-0024: November 2009 Microsoft Security Bulletin (three critical patches)
2009-11-10 22:33 US-CERT
TA09-314A: Microsoft Updates for Multiple Vulnerabilities
Via US-CERT Mailing List
2009-11-10 22:11 SANS Internet Storm Center
Microsoft November Black Tuesday Overview
Overview of the November 2009 Microsoft patches and their status.
2009-11-10 20:56 Microsoft
ms09-nov: Microsoft Security Bulletin Summary for November 2009
Included in this advisory are updates for newly discovered vulnerabilities.
2009-11-10 18:47 Symantec
ThreatCON (2) => (2)
Microsoft has released the scheduled security bulletins for November. Three bulletins have a maximum severity rating of 'Critical'; three are rated 'Important'.
2009-11-10 17:50 US-CERT
Microsoft Releases November Security Bulletin
US-CERT Current Activity
Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for November 2009. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with escalated privileges.
2009-11-05 21:21 Microsoft
ms09-nov: Microsoft Security Bulletin Advance Notification for November 2009
Included in this advisory are updates for newly discovered vulnerabilities.
2009-10-20 Zero Day Initiative (ZDI)
ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability
Excel Cache Memory Corruption Vulnerability (CVE-2009-3129, MS09-067)
Vulnerability Reported
The specific flaw exists in the handling of Shared Feature Header (0x867) tags in an Excel BIFF file format. When processing the cbHdrData size element of the FEATHEADER it is possible to directly control the distance of a calculated pointer. This condition can be leveraged successfully to execute arbitrary code under the context of the currently logged in user.
2009-08-20 Zero Day Initiative (ZDI)
ZDI-09-082: Microsoft Office Excel PivotTable Cache Record Parsing Memory Corruption Vulnerability
Excel Cache Memory Corruption Vulnerability (CVE-2009-3127, MS09-067)
Vulnerability Reported
The specific flaw exists when parsing a document containing a malformed PivotCache Stream. The application will utilize the iCache value of an SXVI record to seek into a list of objects. While setting an attribute of that particular object, the application will corrupt memory which can lead to code execution under the context of the currently logged in user.
2009-06-15 TippingPoint
TPTI-09-06: Microsoft Windows License Logging Service Heap Corruption Vulnerability
License Logging Server Heap Overflow Vulnerability (CVE-2009-2523, MS09-064)
Vulnerability Reported
The specific flaw exists in the handling of RPC calls to the License Logging Service (llssrv.exe). When processing arguments to the LlsrLicenseRequestW method a character array is expected to contain a terminating null byte. By supplying data that does not end in a null it is possible to overlap a call to lstrcatW, resulting in a heap overflow. Successful exploitation of this vulnerability can lead to remote system compromise under the credentials of the SYSTEM account.
2009-04-30 iDefense
Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability
Excel Featheader Record Memory Corruption Vulnerability (CVE-2009-3129, MS09-067)
Vulnerability Reported
The vulnerability occurs when parsing a FEATHEADER record within an Excel file. This record is used to store information common to multiple other records, and was introduced with Excel 2002 (XP). When certain fields of this record are set to a trigger value, it is possible to corrupt memory in such a way that the next 4 bytes in the record are treated as an object pointer. This pointer is then used to make a virtual function call, which results in the execution of arbitrary code.
2009-03-06 iDefense
Microsoft Word FIB Processing Stack Buffer Overflow Vulnerability
Microsoft Office Word File Information Memory Corruption Vulnerability (CVE-2009-3135, MS09-068)
Vulnerability Reported
This vulnerability occurs when Word parses the File Information Block (FIB) structure inside a Word document. When a malformed FIB structure is processed, a stack buffer overflow will occur which can lead to an exploitable condition.