Vulnerability Development mailing list archives
MS03-035
From: <mars577986 () hotmail com>
Date: 7 Oct 2003 20:16:07 -0000
Greetings all: I am working on trying to learn more about this exploit for a networking class at school. Has anyone been able to develop a successful exploit for this vulnerability? As usual the Microsoft security bulletin was extremely vague in terms of actual technical details regarding this vulnerability but I can't really say that I blame them. What I am most interested in is, Jim Basset says that he noticed all documents developed from an "unusual template" as he put it were able to bypass macro security. Does this mean that the bypass only occurs if the template and malicious document were on the same system? To my meager intellect, it would appear as such. If it helps, I had filemon open while I tried to apply the patch and noticed that the most obvious thing that was being written to was in fact winword.exe itself. I would then venture that this is where the problem lies, the darn thing is at least 8 MB in size. Oh well, perhaps one of you folks knows some more about this. mars
Current thread:
- MS03-035 mars577986 (Oct 08)