Bugtraq mailing list archives
Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity
From: weld () L0PHT COM (Weld Pond)
Date: Wed, 8 Mar 2000 09:13:05 -0500
On Tue, 7 Mar 2000, Dustin Miller wrote:
This bug does not seem to affect Windows Millennium Edition Build 2476, oddly enough. I do have Office 2000 Professional installed (retail version), and CAG alarms with an error, but no key was created.
From the advisory:
This is proof of concept code only, but theoretically could be any executable code desired. This code works only on Windows 2000, but shifting around a few offsets yields code that works under Windows NT 4.0 and Win9X. Our proof of concept code will not give you a working test for the vulnerability on NT 4.0, 95, 98, mill. edition or even all versions of Win 2000. Just because the key is not created don't think that you are not vulnerable. As far as we know all versions of Clip Art Gallery shipped with these products are effected: Office 2000, Home Publishing 2000, Works 2000, Picture It! 2000, and PhotoDraw? 2000 Version 1. -weld
Current thread:
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow, (continued)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Eugene Teo (Mar 02)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Derek Callaway (Mar 02)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Przemyslaw Frasunek (Mar 03)
- Potential security problem with mtr Viktor Fougstedt (Mar 03)
- Re: Potential security problem with mtr LaMont Jones (Mar 03)
- Re: Potential security problem with mtr Viktor Fougstedt (Mar 03)
- [RHSA-2000:006-01] New nmh packages available bugzilla () REDHAT COM (Mar 06)
- Microsoft Security Bulletin (MS00-015) Microsoft Product Security (Mar 06)
- @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity Weld Pond (Mar 07)
- Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity Dustin Miller (Mar 07)
- Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity Weld Pond (Mar 08)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Derek Callaway (Mar 02)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Eugene Teo (Mar 02)
- Problem with MacOS 9 Multiple Users and Netware AFP Don Lambert (Mar 03)
- Re: Potential security problem with mtr Rogier Wolff (Mar 03)
- Re: Potential security problem with mtr Viktor Fougstedt (Mar 04)
- Re: Potential security problem with mtr - fixed Jeff Dafoe (Mar 06)
- userv (security boundary tool) 1.0.0 released Ian Jackson (Mar 06)