Full Disclosure mailing list archives
Re: Re: [VulnWatch] [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability
From: "ad () heapoverflow com" <ad () heapoverflow com>
Date: Thu, 16 Mar 2006 09:48:20 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 no, but our discoveries are all patched with the same patch, look at the MS advisory closely: http://www.microsoft.com/technet/security/Bulletin/MS06-012.mspx Microsoft thanks <http://go.microsoft.com/fwlink/?LinkId=21127> the following for working with us to help protect customers: ? Ollie Whitehouse of Symantec <http://symantec.com/> for reporting the Microsoft Office Remote Code Execution Using a Malformed Routing Slip Vulnerability - CVE-2006-0009 ? FelicioX <mailto:feliciox () gmail com> for working with Microsoft on the Microsoft Office Excel Remote Code Execution Using a Malformed Range Vulnerability ? CVE-2005-4131 ? Peter Winter-Smith of NGS Software <http://www.ngssoftware.com/index.htm> for reporting similar behavior to the Remote Code Execution with Microsoft Office Excel Vulnerability - - CVE-2005-4131 ? TippingPoint <http://www.tippingpoint.com/> and the Zero Day Initiative <http://www.zerodayinitiative.com/> for reporting the Microsoft Office Excel Remote Code Execution Using a Malformed File Format Parsing Vulnerability - CVE-2006-0028 ? Dejun of the Fortinet Security Response Team <http://www.fortinet.com> for reporting the Microsoft Office Excel Remote Code Execution Using a Malformed Description Vulnerability - CVE-2006-0029 ? Eyas of the XFOCUS Security Team <http://www.xfocus.org/> for reporting the Microsoft Office Excel Remote Code Execution Using a Malformed Record Vulnerability ? CVE-2006-0031 only FelicioX and NGSS found the same bug ;) Thierry Zoller wrote:
Dear XFOCUS Team, Is this the same vuln as discovered by class101 ? http://www.zerodayinitiative.com/advisories/ZDI-06-004.html
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.1 (MingW32) iD8DBQFEGSZUFJS99fNfR+YRAh9xAJwM9sP9dSlqsn9IsO3czfdj+1sknQCdH/MD Y01obA6+miFI7VGgcYHeOQ0= =KczF -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability XFOCUS Security Team (Mar 14)
- Re: [VulnWatch] [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability Thierry Zoller (Mar 15)
- Re: Re: [VulnWatch] [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability eyas (Mar 15)
- Re: Re: [VulnWatch] [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability ad () heapoverflow com (Mar 16)
- Re: [VulnWatch] [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability Thierry Zoller (Mar 15)