|
: "Word Mail Merge"
: Err0r, 3APA3A
: 03 2002
: Office 97, 2000, XP
: Microsoft
:
: Office 2000 SR1a
:
: 12 2002
:
[1].
Georgi Guninski [2]. Microsoft
hotfix ,
SR1a Microsoft Office.
:
ERRor <error@pochtamt.ru> ,
. 3APA3A
<3APA3A@SECURITY.NNOV.RU>
Outlook Express.
:
Microsoft UNC-
IP- ( \\111.111.111.111\)
.
( )
Office 97, 2000 XP.
,
Word Access Access
Word. Access
- .wav, .html, .txt .. - .
Microsoft Office 2000 SR1a + SP2 Microsoft Office XP SP1
Temporary
Internet Files,
Outlook Express Outlook.
:
( readme.doc, setup.exe setup.dat
, setup.dat Access setup.exe
, readme.doc setup.exe
). expl.doc [4].
Outlook Express .doc-
,
[5].
:
1. (.doc .mdb) .doc
2. IFRAME
MS Word.
3. expl.doc Exploit.doc calc.exe
Internet Explorer 6.0
Internet Explorer
.
:
1. MS Office - Mail Merge
http://www.security.nnov.ru/search/news.asp?binid=415&l=RU
2. Georgi Guninski, MS Word and MS Access vulnerability - executing
arbitrary programs, may be exploited by IE/Outlook
http://www.security.nnov.ru/search/document.asp?docid=518
3. Microsoft Security Bulletin (MS00-071)
Patch Available for "Word Mail Merge" Vulnerability
http://www.microsoft.com/technet/security/bulletin/fq00-071.asp
4. Mail merge vulnerability local POC
http://www.security.nnov.ru/files/mailmerge/2files.zip
5. Mail merge vulnerability Outlook Express POC
http://www.security.nnov.ru/files/mailmerge/2mails.zip
|
