These two weeks of Word flaws – can we survive?

Since 5th December we have seen three separate, serious vulnerabilities in Microsoft Word:

[Disclosed – original reference – CVE name
Affected products and product versions]

Tue 5th Dec – MS Security Advisory #929433 – CVE-2006-5994 and FAQ
Word 2003/2002/2000, Word 2004/v. X for Mac, Works 2006/2005/2004, Word Viewer 2003

Sat 9th Dec – MSRC Blog entry 10th Dec – CVE-2006-6456
Word 2003/2002/2000, Word Viewer 2003

Tue 12th Dec – Fuzzing list posting – CVE-2006-6561
Word 2003/2002/2000, Word 2004/v. X for Mac, Word Viewer 2003, OpenOffice.org 2/1.1.3, AbiWord 2.2

For the third issue, a new submission to VirusTotal has been made. The results are somewhat better now:

# 12.15.2006 01:04:58 (CET)

AntiVir 14th Dec: EXP/W97M.DuBug
BitDefender 15th Dec: Exploit.MSWord.Gen.2
Fortinet 14th Dec: W32/CVE20065994!exploit (the CVE of the 1st issue)
Ikarus 14th Dec: Exploit.MSWord.Gen.2
McAfee 14th Dec: Exploit-MSWord.c.demo
NOD32v2 14th Dec: W97M/Exploit.1Table.NAE
Panda 15th Dec: Trj/1Table.D

Symantec is not listed, but they have released Bloodhound.Exploit.108.

Published by

Juha-Matti

Security consultant from Finland
