Home ![](/web/20061025224934im_/http://psepc.gc.ca/world/site/images/spacer.gif) ![](/web/20061025224934im_/http://psepc.gc.ca/world/site/images/breadcrumb_arrow.gif) Programs ![](/web/20061025224934im_/http://psepc.gc.ca/world/site/images/spacer.gif) ![](/web/20061025224934im_/http://psepc.gc.ca/world/site/images/breadcrumb_arrow.gif) Emergency management ![](/web/20061025224934im_/http://psepc.gc.ca/world/site/images/spacer.gif) ![](/web/20061025224934im_/http://psepc.gc.ca/world/site/images/breadcrumb_arrow.gif) Response ![](/web/20061025224934im_/http://psepc.gc.ca/world/site/images/spacer.gif) ![](/web/20061025224934im_/http://psepc.gc.ca/world/site/images/breadcrumb_arrow.gif) CCIRC ![](/web/20061025224934im_/http://psepc.gc.ca/world/site/images/spacer.gif) ![](/web/20061025224934im_/http://psepc.gc.ca/world/site/images/breadcrumb_arrow.gif) Analytical releases2 ![](/web/20061025224934im_/http://psepc.gc.ca/world/site/images/spacer.gif) ![](/web/20061025224934im_/http://psepc.gc.ca/world/site/images/breadcrumb_arrow.gif) AV06-018: Microsoft Security Bulletin MS06-033, MS06-034, MS06-035, MS06-036, MS06-037, MS06-038, MS06-039
Number: AV06-018 Date: 12 July 2006 PurposeThe purpose of this advisory is to bring attention to the following vulnerabilities (5 Critical, and 2 Important) in some Microsoft products. MS06-033: Vulnerability in ASP.NET Could Allow Information Disclosure (917283) AssessmentThis vulnerability could allow an attacker to bypass ASP.Net security and gain unauthorized access to objects in the Application folder explicitly by name. Impact of Vulnerability: Information Disclosure Maximum Severity Rating: Important Affected Software - NET Framework 2.0 for the following operating system versions:
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 1 or Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows XP Tablet PC Edition
- Microsoft Windows XP Media Center Edition
- Microsoft Windows Server 2003 or Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 for Itanium-based systems and Microsoft Windows Server with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition
- Affected Components:
Suggested actionPSEPC recommends that administrators test and install the update at the earliest opportunity. http://www.microsoft.com/technet/security/bulletin/MS06-033.mspx MS06-034: Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution (917537) AssessmentInternet Information Services Using Malformed Active Server Pages Vulnerability - CVE-2006-0026 There is a remote code execution vulnerability in Internet Information Services (IIS). An attacker could exploit the vulnerability by constructing a specially crafted Active Server Pages (ASP) file, potentially allowing remote code execution if the Internet Information Services (IIS) processes the specially crafted file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Important Affected Software - Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Professional Service Pack 1 and Microsoft Windows XP Professional Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with Service Pack 1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition family
Affected Components: - Microsoft Internet Information Services (IIS) 6.0
- Microsoft Internet Information Services (IIS) 5.1
- Microsoft Internet Information Services (IIS) 5.0
Suggested actionPSEPC recommends that administrators test and install the update at the earliest opportunity. http://www.microsoft.com/technet/security/Bulletin/MS06-034.mspx MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution (917159) AssessmentThis update resolves two vulnerabilities in the Server service, the most serious of which could allow remote code execution. Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Affected Software - Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition
Suggested actionPSEPC recommends that administrators test and install the update at the earliest opportunity. http://www.microsoft.com/technet/security/bulletin/MS06-035.mspx MS06-036: Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388) AssessmentBuffer Overrun in DHCP Client Service Vulnerability - CVE-2006-2372 There is a remote code execution vulnerability in the DHCP Client service that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Affected Software - Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition
Suggested actionPSEPC recommends that administrators test and install the update at the earliest opportunity. http://www.microsoft.com/technet/security/Bulletin/MS06-036.mspx MS06-037: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285) AssessmentMicrosoft Excel Malformed SELECTION record Vulnerability - CVE-2006-1301 A remote code execution vulnerability exists in Excel that results from the processing of a malformed SELECTION record. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. Microsoft Excel Malformed SELECTION record Vulnerability - CVE-2006-1302 A remote code execution vulnerability exists in Excel that results from processing of a malformed SELECTION record. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. Microsoft Excel Malformed COLINFO record Vulnerability - CVE-2006-1304 A remote code execution vulnerability exists in Excel that results from processing of a malformed COLINFO record. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. Microsoft Excel Malformed OBJECT Record Vulnerability - CVE-2006-1306 A remote code execution vulnerability exists in Excel that results from processing of a malformed OBJECT record. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. Microsoft Excel Malformed FNGROUPCOUNT Value Vulnerability - CVE-2006-1308 A remote code execution vulnerability exists in Excel that results from the processing of a malformed FNGROUPCOUNT value file. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. Microsoft Excel Malformed LABEL record Vulnerability - CVE-2006-1309 A remote code execution vulnerability exists in Excel that results from the processing of a malformed LABEL record file. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. Microsoft Excel Rebuilding Vulnerability - CVE-2006-2388 A remote code execution vulnerability exists in Excel that results from the processing of a malformed Chart file. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. Microsoft Excel Malformed file Vulnerability - CVE-2006-3059 A remote code execution vulnerability exists in Excel that results from the processing of a malformed file. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Affected Software - Microsoft Office 2003 Service Pack 1 or Service Pack 2
- Microsoft Excel 2003
- Microsoft Excel Viewer 2003
- Microsoft Office XP Service Pack 3
- Microsoft Office 2000 Service Pack 3
- Microsoft Office 2004 for Mac
- Microsoft Excel 2004 for Mac
- Microsoft Office v. X for Mac
- Microsoft Excel v. X for Mac
Suggested actionPSEPC recommends that administrators test and install the update at the earliest opportunity. http://www.microsoft.com/technet/security/Bulletin/MS06-037.mspx MS06-038: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (917284) AssessmentMicrosoft Office Parsing Vulnerability - CVE-2006-1316 A remote code execution vulnerability exists in Office, and could be exploited when a malformed string included in an Office file is parsed by any of the affected Office applications. Such a string might be included in an email attachment processed by one of the affected applications or hosted on a malicious web site. Viewing or previewing a malformed email message in an affected version of Outlook could not lead to exploitation of this vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Office file that could allow remote code execution. Microsoft Office Malformed String Parsing Vulnerability - CVE-2006-1540 A remote code execution vulnerability exists in Office, and could be exploited when a malformed string included in an Office file is parsed by any of the affected Office applications. Such a string might be included in an email attachment processed by one of the affected applications or hosted on a malicious web site. Viewing or previewing a malformed email message in an affected version of Outlook could not lead to exploitation of this vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Office file that could allow remote code execution. Microsoft Office Property Vulnerability - CVE-2006-2389 A remote code execution vulnerability exists in Office, and could be exploited when a malformed property included in an Office file is parsed by any of the affected Office applications. Such a property might be included in an email attachment processed by one of the affected applications or hosted on a malicious web site. Viewing or previewing a malformed email message in an affected version of Outlook could not lead to exploitation of this vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Office file that could allow remote code execution. Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Affected Software - Microsoft Office 2003 Service Pack 1 or Service Pack 2
- Microsoft Access 2003
- Microsoft Excel 2003
- Microsoft Excel 2003 Viewer
- Microsoft FrontPage 2003
- Microsoft InfoPath 2003
- Microsoft OneNote 2003
- Microsoft Outlook 2003
- Microsoft PowerPoint 2003
- Microsoft Project 2003
- Microsoft Publisher 2003
- Microsoft Visio 2003
- Microsoft Word 2003
- Microsoft Word 2003 Viewer
- Microsoft Office XP Service Pack 3
- Microsoft Access 2002
- Microsoft Excel 2002
- Microsoft FrontPage 2002
- Microsoft Outlook 2002
- Microsoft PowerPoint 2002
- Microsoft Publisher 2002
- Microsoft Visio 2002
- Microsoft Word 2002
- Microsoft Office 2000 Service Pack 3
- Microsoft Access 2000
- Microsoft Excel 2000
- Microsoft FrontPage 2000
- Microsoft Outlook 2000
- Microsoft PowerPoint 2000
- Microsoft Publisher 2000
- Microsoft Word 2000
- Microsoft Project 2002 Service Pack 2
- Microsoft Visio 2002 Service Pack 2
- Microsoft Project 2000 Service Release 1
- Microsoft Office 2004 for Mac
- Microsoft Office v. X for Mac
Suggested actionPSEPC recommends that administrators test and install the update at the earliest opportunity. http://www.microsoft.com/technet/security/Bulletin/MS06-038.mspx MS06-039: Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384) AssessmentMicrosoft Office Remote Code Execution Using a Malformed PNG Vulnerability- CVE-2006-0033 A remote code execution vulnerability exists in Office and could be exploited when Office opens a malformed PNG file. An attacker could exploit the vulnerability by constructing a specially crafted PNG file that could allow remote code execution. Microsoft Office Remote Code Execution Using a Malformed GIF Vulnerability- CVE-2006-0007 A remote code execution vulnerability exists in Office and could be exploited when a user opens a malformed GIF file. An attacker could exploit the vulnerability by constructing a specially crafted GIF file that could allow remote code execution. Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Affected Software - Microsoft Office 2003 Service Pack 1 or Service Pack 2
- Microsoft Project 2003
- OneNote 2003
- Microsoft Office XP Service Pack 3
- Microsoft Office 2000 Service Pack 3
- Microsoft Project 2002
- Microsoft Project 2000
- Microsoft Works Suites:
- Microsoft Works Suite 2004
- Microsoft Works Suite 2005
- Microsoft Works Suite 2006
Suggested actionPSEPC recommends that administrators test and install the update at the earliest opportunity. http://www.microsoft.com/technet/security/Bulletin/MS06-039.mspx Note to readersPublic Safety and Emergency Preparedness Canada (PSEPC) collects information related to cyber and physical threats to, and incidents involving, Canadian critical infrastructure. This allows us to monitor and analyze threats and to issue alerts, advisories and other information products. To report threats or incidents, please contact the Government Operations Centre (GOC) at 613-991-7000 or goc-cog@psepc-sppcc.gc.ca by e-mail. Unauthorized use of computer systems and mischief in relation to data are serious Criminal Code offences in Canada. Any suspected criminal activity should be reported to local law enforcement organizations. The Royal Canadian Mounted Police (RCMP) National Operations Centre (N.O.C.) provides a 24/7 service to receive such reports or to redirect callers to local law enforcement organizations. The N.O.C. can be reached at 613-993-4460. National security concerns should be reported to the Canadian Security Intelligence Service (CSIS) at 613-993-9620. For urgent matters or to report any incidents, please contact the Government Operations Centre at: Phone: 613-991-7000 Fax: 613-996-0995 Secure Fax: 613-991-7094 Email: goc-cog@psepc-sppcc.gc.ca For general information on critical infrastructure protection and emergency preparedness, please contact PSEPC's Public Affairs division at: Telephone: 613-944-4875 or 1-800-830-3118 Fax: 613-998-9589 E-mail: communications@psepc-sppcc.gc.ca Web: www.psepc.gc.ca
|