Bugtraq mailing list archives

Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity

From: dmiller () WFDEVELOPMENT COM (Dustin Miller)
Date: Tue, 7 Mar 2000 20:56:28 -0600


This bug does not seem to affect Windows Millennium Edition Build 2476,
oddly enough.  I do have Office 2000 Professional installed (retail
version), and CAG alarms with an error, but no key was created.

-----Original Message-----
<SNIP>
        Advisory Name: ClipArt Gallery Overflow
    Advisory Released: 03/06/00
          Application: Microsoft Office 2000
             Severity: An attacker can seize control of a Windows 95, 98,NT,
                       or 2000 machine via any HTML source, including
                       Microsoft Outlook e-mail.
               Status: Vendor patch available, workaround available
               Author: dildog () l0pht com
                  WWW: http://www.l0pht.com/advisories.html

</SNIP>

Current thread:

OpenLinux 2.3: rpm_query, (continued)
- - - OpenLinux 2.3: rpm_query harikiri (Mar 04)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Eugene Teo (Mar 02)
  - Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Derek Callaway (Mar 02)
    - Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Przemyslaw Frasunek (Mar 03)
  - Potential security problem with mtr Viktor Fougstedt (Mar 03)
    - Re: Potential security problem with mtr LaMont Jones (Mar 03)
    - Re: Potential security problem with mtr Viktor Fougstedt (Mar 03)
    - [RHSA-2000:006-01] New nmh packages available bugzilla () REDHAT COM (Mar 06)
    - Microsoft Security Bulletin (MS00-015) Microsoft Product Security (Mar 06)
    - @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity Weld Pond (Mar 07)
    - Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity Dustin Miller (Mar 07)
    - Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity Weld Pond (Mar 08)
    - Problem with MacOS 9 Multiple Users and Netware AFP Don Lambert (Mar 03)
    - Re: Potential security problem with mtr Rogier Wolff (Mar 03)
    - Re: Potential security problem with mtr Viktor Fougstedt (Mar 04)
    - Re: Potential security problem with mtr - fixed Jeff Dafoe (Mar 06)
    - userv (security boundary tool) 1.0.0 released Ian Jackson (Mar 06)
  - Aol Instant Messenger DoS vulnerability hi im cruz (Mar 03)
  - TrendMicro OfficeScan, numerous security holes, remote files modification. Captain'z root (Mar 03)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Lamagra Argamal (Mar 03)