Published: 2009-11-16T21:15+00:00
Last Updated: 2009-11-16T21:15+00:00
JVNTR-2009-26
Microsoft Updates for Multiple Vulnerabilities (TA09-314A)
Overview
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Windows Server and Office Word and Excel.
Event Information
| Date (UTC) | Description |
| 2009-11-12 17:02 |
VUPEN VUPEN/ADV-2009-3193: Microsoft Office Excel Code Execution Vulnerabilities Excel Document Parsing Heap Overflow Vulnerability (CVE-2009-3130, MS09-067) Excel Formula Parsing Memory Corruption Vulnerability (CVE-2009-3131, MS09-067) Excel Index Parsing Vulnerability (CVE-2009-3132, MS09-067) Excel Document Parsing Memory Corruption Vulnerability (CVE-2009-3133, MS09-067) Vulnerability Disclosure These vulnerabilities are caused by memory corruptions, invalid index, and invalid pointer errors when processing malformed Excel documents, which could allow attackers to execute arbitrary code via a specially crafted XLS file. |
| 2009-11-11 02:01 |
JPCERT/CC JPCERT-AT-2009-0024: November 2009 Microsoft Security Bulletin (three critical patches) |
| 2009-11-10 22:33 |
US-CERT TA09-314A: Microsoft Updates for Multiple Vulnerabilities Via US-CERT Mailing List |
| 2009-11-10 22:11 |
SANS Internet Storm Center Microsoft November Black Tuesday Overview Overview of the November 2009 Microsoft patches and their status. |
| 2009-11-10 20:56 |
Microsoft ms09-nov: Microsoft Security Bulletin Summary for November 2009 Included in this advisory are updates for newly discovered vulnerabilities. |
| 2009-11-10 18:47 |
Symantec ThreatCON (2) => (2) Microsoft has released the scheduled security bulletins for November. Three bulletins have a maximum severity rating of 'Critical'; three are rated 'Important'. |
| 2009-11-10 17:50 |
US-CERT Microsoft Releases November Security Bulletin US-CERT Current Activity Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for November 2009. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with escalated privileges. |
| 2009-11-05 21:21 |
Microsoft ms09-nov: Microsoft Security Bulletin Advance Notification for November 2009 Included in this advisory are updates for newly discovered vulnerabilities. |
| 2009-10-20 |
Zero Day Initiative (ZDI) ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability Excel Cache Memory Corruption Vulnerability (CVE-2009-3129, MS09-067) Vulnerability Reported The specific flaw exists in the handling of Shared Feature Header (0x867) tags in an Excel BIFF file format. When processing the cbHdrData size element of the FEATHEADER it is possible to directly control the distance of a calculated pointer. This condition can be leveraged successfully to execute arbitrary code under the context of the currently logged in user. |
| 2009-08-20 |
Zero Day Initiative (ZDI) ZDI-09-082: Microsoft Office Excel PivotTable Cache Record Parsing Memory Corruption Vulnerability Excel Cache Memory Corruption Vulnerability (CVE-2009-3127, MS09-067) Vulnerability Reported The specific flaw exists when parsing a document containing a malformed PivotCache Stream. The application will utilize the iCache value of an SXVI record to seek into a list of objects. While setting an attribute of that particular object, the application will corrupt memory which can lead to code execution under the context of the currently logged in user. |
| 2009-06-15 |
TippingPoint TPTI-09-06: Microsoft Windows License Logging Service Heap Corruption Vulnerability License Logging Server Heap Overflow Vulnerability (CVE-2009-2523, MS09-064) Vulnerability Reported The specific flaw exists in the handling of RPC calls to the License Logging Service (llssrv.exe). When processing arguments to the LlsrLicenseRequestW method a character array is expected to contain a terminating null byte. By supplying data that does not end in a null it is possible to overlap a call to lstrcatW, resulting in a heap overflow. Successful exploitation of this vulnerability can lead to remote system compromise under the credentials of the SYSTEM account. |
| 2009-04-30 |
iDefense Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability Excel Featheader Record Memory Corruption Vulnerability (CVE-2009-3129, MS09-067) Vulnerability Reported The vulnerability occurs when parsing a FEATHEADER record within an Excel file. This record is used to store information common to multiple other records, and was introduced with Excel 2002 (XP). When certain fields of this record are set to a trigger value, it is possible to corrupt memory in such a way that the next 4 bytes in the record are treated as an object pointer. This pointer is then used to make a virtual function call, which results in the execution of arbitrary code. |
| 2009-03-06 |
iDefense Microsoft Word FIB Processing Stack Buffer Overflow Vulnerability Microsoft Office Word File Information Memory Corruption Vulnerability (CVE-2009-3135, MS09-068) Vulnerability Reported This vulnerability occurs when Word parses the File Information Block (FIB) structure inside a Word document. When a malformed FIB structure is processed, a stack buffer overflow will occur which can lead to an exploitable condition. |