Reported June 19, 2002, by Microsoft.
VERSIONS AFFECTED
· Microsoft Excel 2002 for Windows
· Microsoft Excel 2000 for Windows
· Microsoft Office XP for Windows
· Microsoft Office 2000 for Windows
· Microsoft Word 2002 for Windows
DESCRIPTION
Multiple vulnerabilities exist in Excel, Office XP, and Word for Windows, all of which enable an attacker to execute macro code on the vulnerable system. These four newly discovered vulnerabilities are:
· An Excel macro execution vulnerability that relates to how the system handles inline macros associated with objects. This vulnerability can enable macros to execute and bypass the Macro Security Model when an affected user clicks an object in a workbook.
· An Excel macro execution vulnerability that relates to how the system handles macros in workbooks when a user opens those workbooks from a hyperlink on a drawing shape. An attacker can cause the macros in a workbook opened this way to run automatically.
· An HTML script execution vulnerability that can occur when a user opens an Excel workbook with an XSL stylesheet containing HTML script. An attacker can run the script within the XSL stylesheet in the local computer zone.
· A new variant of the Word Mail Merge vulnerability first addressed in Security Bulletin MS00-071 (Patch Available for "Word Mail Merge" Vulnerability). This new variant lets an attacker's macro code run automatically if the affected user has Microsoft Access on the system and chooses to open a mail-merge document that the user had saved in HTML format.
VENDOR RESPONSE
The vendor, Microsoft, has released Security Bulletin MS02-031 (Cumulative Patches for Excel and Word for Windows) to address these vulnerabilities and recommends that affected users download and apply the appropriate patch mentioned in the bulletin. These patches are cumulative and address all previously discovered vulnerabilities in the affected products.
CREDIT
Discovered by the dH team, Darryl Higa, and SECURITY.NNOV.
Multiple Vulnerabilities in Microsoft Excel, Office XP, and Word