Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity

From: Dustin Miller (dmillerat_private)
Date: Tue Mar 07 2000 - 18:56:28 PST

Next message: Nick FitzGerald: "Re: NAI/McAfee Viruscan Engine does not scan .VBS files by defau"

Previous message: Michael Meskes: "Re: Corel Linux 1.0 dosemu default configuration: Local root vuln"
Maybe in reply to: Weld Pond: "@Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity"
Next in thread: Weld Pond: "Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This bug does not seem to affect Windows Millennium Edition Build 2476,
oddly enough.  I do have Office 2000 Professional installed (retail
version), and CAG alarms with an error, but no key was created.


-----Original Message-----
<SNIP>
        Advisory Name: ClipArt Gallery Overflow
    Advisory Released: 03/06/00
          Application: Microsoft Office 2000
             Severity: An attacker can seize control of a Windows 95, 98,NT,
                       or 2000 machine via any HTML source, including
                       Microsoft Outlook e-mail.
               Status: Vendor patch available, workaround available
               Author: dildogat_private
                  WWW: http://www.l0pht.com/advisories.html

</SNIP>

Next message: Nick FitzGerald: "Re: NAI/McAfee Viruscan Engine does not scan .VBS files by defau"
Previous message: Michael Meskes: "Re: Corel Linux 1.0 dosemu default configuration: Local root vuln"
Maybe in reply to: Weld Pond: "@Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity"
Next in thread: Weld Pond: "Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:39:11 PDT