Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Fw: warning
From: full-disclosure () lists netsys com (Thor Larholm)
Date: Tue, 30 Jul 2002 17:52:10 +0200

----- Original Message -----
From: "Thor Larholm" <thor () pivx com>
To: <guninski () guninski com>; <NTBUGTRAQ () LISTSERV NTBUGTRAQ COM>;
<bugtraq () securityfocus com>
Sent: Tuesday, July 30, 2002 5:22 PM
Subject: RE: warning


If your vulnerability deals with the "Office Web Components" then no
warning
should be necessary at this point, since Microsoft already yanked the OWC
downloads (both OWC 9 and 10) from their download pages back in April when
GreyMagic Software uncovered several vulnerabilities in them.

From their download page (
http://office.microsoft.com/downloads/2002/owc10.aspx ):
"Microsoft has temporarily removed the Office Web Components while we
conduct an investigation of potential security vulnerabilities.  At the
completion of our investigation, the OWC will be reposted. Thank you for
your patience."

Appareantly, researching these vulnerabilities must be very hard on MS
(despite their simplicity) since this has been so for a quarter of a year
by
now. The vulns that triggered this action:

http://sec.greymagic.com/adv/gm005-ie/
http://sec.greymagic.com/adv/gm006-ie/
http://sec.greymagic.com/adv/gm007-ie/
http://sec.greymagic.com/adv/gm008-ie/

And again, these are still unpatched together with the total of 21
publicly
known unpatched vulnerabilities currently found in IE:

http://www.pivx.com/larholm/unpatched/

Of course, if you have installed Office by itself then you probably
already
have OWC installed. Luckily this can be uninstalled separately by going to

ControlPanel -  Add/Remove programs - Office - Change - Office Tools -
Office Web Components.

If a system administrator installed OWC from a network share, then OWC
will
be silently re-installed when used again - in which case you are out of
luck.

If your vulnerability did not deal with OWC, then apologize my intrusion
and
let me guess on a Content-Type/Content-Disposition variant - though your
suggested workaround would make no sense then :)


Regards
Thor Larholm, Security Researcher
PivX Solutions, LLC

Are You Secure?
http://www.PivX.com

-----Original Message-----
From: Georgi Guninski [mailto:guninski () GUNINSKI COM]
Sent: 30. juli 2002 16:36
To: NTBUGTRAQ () LISTSERV NTBUGTRAQ COM
Subject: warning


Consider this a warning, full details to come soon.
windows + ie 6.0 + office xp may get owned by visiting a web page.
workaround/solution: disable "activex and plugins" until someone produce a
patch.
After this warning, don't whine about responsibity issues - first check
microsoft's responsiblity in "help -> about"

Georgi Guninski
http://www.guninski.com




  By Date           By Thread  

Current thread:
  • warning Georgi Guninski (Jul 30)
    • <Possible follow-ups>
    • Fw: warning Thor Larholm (Jul 30)
    • Fw: warning Thor Larholm (Jul 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]