HolidayBuyer's Guide

Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - October 9, 2007

by Marianna Schmudlach / October 9, 2007 1:59 AM PDT

MailBee WebMail Cross-Site Scripting Vulnerabilities

Secunia Advisory: SA27073
Release Date: 2007-10-09


Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Vendor Patch


Software: MailBee WebMail Lite 4.x
MailBee WebMail Pro 3.x

Description:
Ivan Javier Sanchez has reported some vulnerabilities in MailBee WebMail, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "mode" parameter in login.php and to the "mode2" parameter in default.asp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in versions prior to MailBee WebMail Pro ASP 3.4.64, MailBee WebMail Lite ASP 4.0.11, and MailBee WebMail Lite PHP 4.0.22.

Solution:
Update to MailBee WebMail Pro ASP 3.4.64, MailBee WebMail Lite ASP 4.0.11, or MailBee WebMail Lite PHP 4.0.22.

Provided and/or discovered by:
Ivan Javier Sanchez

Discussion is locked
You are posting a reply to: VULNERABILITIES \ FIXES - October 9, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES \ FIXES - October 9, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Fedora update for kdelibs
by Marianna Schmudlach / October 9, 2007 2:01 AM PDT

Secunia Advisory: SA27090
Release Date: 2007-10-09


Critical:
Less critical
Impact: Spoofing

Where: From remote

Solution Status: Vendor Patch


OS: Fedora Core 6

Description:
Fedora has issued an update for kdelibs. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks.

For more information:
SA26091
SA26351

Solution:
Apply updated packages.

Original Advisory:
https://www.redhat.com/archives/fedor...e-announce/2007-October/msg00085.html

Other References:
SA26091:
http://secunia.com/advisories/26091/

SA26351:
http://secunia.com/advisories/26351/

Collapse -
Fedora update for kdebase
by Marianna Schmudlach / October 9, 2007 2:02 AM PDT

Secunia Advisory: SA27096
Release Date: 2007-10-09


Critical:
Less critical
Impact: Security Bypass
Spoofing

Where: From remote

Solution Status: Vendor Patch


OS: Fedora Core 6

Description:
Fedora has issued an update for kdebase. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to conduct spoofing attacks.

For more information:
SA26091
SA26351
SA26894

Solution:
Apply updated packages.

Original Advisory:
https://www.redhat.com/archives/fedor...e-announce/2007-October/msg00084.html

Other References:
SA26091:
http://secunia.com/advisories/26091/

SA26351:
http://secunia.com/advisories/26351/

SA26894:
http://secunia.com/advisories/26894/

Collapse -
Fedora update for kernel
by Marianna Schmudlach / October 9, 2007 2:04 AM PDT

Secunia Advisory: SA27101
Release Date: 2007-10-09


Critical:
Not critical
Impact: Exposure of sensitive information

Where: From local network

Solution Status: Vendor Patch


OS: Fedora Core 6

Description:
Fedora has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information.

For more information:
SA26918

Solution:
Apply updated packages.

Original Advisory:
https://www.redhat.com/archives/fedor...e-announce/2007-October/msg00083.html

Other References:
SA26918:
http://secunia.com/advisories/26918/

Collapse -
Fedora update for xen
by Marianna Schmudlach / October 9, 2007 2:05 AM PDT

Secunia Advisory: SA27103
Release Date: 2007-10-09


Critical:
Less critical
Impact: Security Bypass
Privilege escalation

Where: Local system

Solution Status: Vendor Patch


OS: Fedora Core 6

Description:
Fedora has issued an update for xen. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges.

For more information:
SA26986

Solution:
Apply updated packages.

Original Advisory:
https://www.redhat.com/archives/fedor...e-announce/2007-October/msg00082.html

Other References:
SA26986:
http://secunia.com/advisories/26986/

Collapse -
rPath update for util-linux
by Marianna Schmudlach / October 9, 2007 2:07 AM PDT

Secunia Advisory: SA27104
Release Date: 2007-10-09


Critical:
Not critical
Impact: Privilege escalation

Where: Local system

Solution Status: Vendor Patch


OS: rPath Linux 1.x

Description:
rPath has issued an update for util-linux. This fixes a vulnerability, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.

For more information:
SA27145

Solution:
Update to "util-linux=/conary.rpath.com@rpl:devel//1/2.12r-1.5-1".

Original Advisory:
http://lists.rpath.com/pipermail/security-announce/2007-October/000264.html

Other References:
SA27145:
http://secunia.com/advisories/27145/

Collapse -
TorrentTrader Cross-Site Scripting and Local File Inclusion
by Marianna Schmudlach / October 9, 2007 2:08 AM PDT

Secunia Advisory: SA27109
Release Date: 2007-10-09


Critical:
Moderately critical
Impact: Cross Site Scripting
Exposure of system information
Exposure of sensitive information

Where: From remote

Solution Status: Vendor Patch


Software: TorrentTrader 1.x

Description:
HACKERS PAL has discovered some vulnerabilities in TorrentTrader, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose sensitive information.

1) Input passed to the "ss_uri" parameter in backend/admin-functions.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources.

2) Input passed to the "color" parameter in pjirc/css.php and to the "cat" parameter in browse.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are confirmed in version 1.07. Prior versions may also be affected.

Solution:
Update to version 1.08.

Provided and/or discovered by:
HACKERS PAL

Collapse -
WebSphere Application Server for z/OS HTTP Server Denial of
by Marianna Schmudlach / October 9, 2007 2:10 AM PDT

WebSphere Application Server for z/OS HTTP Server Denial of Service


Secunia Advisory: SA27121
Release Date: 2007-10-09


Critical:
Not critical
Impact: DoS

Where: Local system

Solution Status: Unpatched


Software: IBM WebSphere Application Server 6.0.x




Description:
IBM has acknowledged a vulnerability in WebSphere Application Server for z/OS, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

For more information:
SA26759

The vulnerability affects WebSphere Application Server 6.0.1 for z/OS.

Solution:
Apply PK53984 or Fix Pack 6.0.2.23 when it becomes available.

Grant only trusted users access to affected systems.

Original Advisory:
http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984

Other References:
SA26759:
http://secunia.com/advisories/26759/

Collapse -
PWLib "PString::vsprintf()" Denial of Service Vulnerability
by Marianna Schmudlach / October 9, 2007 2:11 AM PDT

Secunia Advisory: SA27127
Release Date: 2007-10-09


Critical:
Less critical
Impact: DoS

Where: From remote

Solution Status: Unpatched


Software: PWLib 1.x

Description:
A vulnerability has been discovered in PWLib, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "PString::vsprintf()" method in src/ptlib/common/contain.cxx. This can be exploited to cause a memory corruption by e.g. tricking an application using the library to use this function with a string longer than 1000 bytes.

The vulnerability is confirmed in version 1.10.4-1 for Fedora Core 6. Other versions may also be affected.

Solution:
Use applications linked against PWLib in trusted environments and trusted data only.

Provided and/or discovered by:
Reported in a Red Hat advisory.

Original Advisory:
http://rhn.redhat.com/errata/RHSA-2007-0932.html

Collapse -
Fedora update for elinks
by Marianna Schmudlach / October 9, 2007 2:13 AM PDT

Secunia Advisory: SA27132
Release Date: 2007-10-09


Critical:
Less critical
Impact: Exposure of sensitive information

Where: From local network

Solution Status: Vendor Patch


OS: Fedora Core 6

Description:
Fedora has issued an update for elinks. This fixes a weakness, which can be exploited by malicious people to disclose sensitive information.

For more information:
SA26956

Solution:
Apply updated packages.

Original Advisory:
https://www.redhat.com/archives/fedor...e-announce/2007-October/msg00079.html

Other References:
SA26956:
http://secunia.com/advisories/26956/

Collapse -
Sun Solaris vuidmice Streams Modules Denial of Service
by Marianna Schmudlach / October 9, 2007 2:14 AM PDT

Secunia Advisory: SA27135
Release Date: 2007-10-09


Critical:
Not critical
Impact: DoS

Where: Local system

Solution Status: Vendor Patch


OS: Sun Solaris 10
Sun Solaris 8
Sun Solaris 9


Description:
A security issue has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The security issue is caused due to an unspecified error in the vuidmice(7M) STREAMS modules and can be exploited to render the console unusuable.

Successful exploitation requires access to the system console device.

The security issue is reported in Solaris 8, 9, and 10 on the x86 platform.

Solution:
Apply patches.

Solaris 8:
Patch 114154-02 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-114154-02-1

Solaris 9:
Patch 117419-03 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-117419-03-1

Solaris 10:
Patch 127751-01 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-127751-01-1

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103065-1

Collapse -
Interstage Application Server Full Path Disclosure Weakness
by Marianna Schmudlach / October 9, 2007 2:16 AM PDT

Secunia Advisory: SA27136
Release Date: 2007-10-09


Critical:
Not critical
Impact: Exposure of system information

Where: From remote

Solution Status: Unpatched


Software: Interstage Application Server 7.x
Interstage Application Server 8.x
Interstage Application Server 9.x
Interstage Apworks 7.x
Interstage Apworks 8.x
Interstage Studio 8.x
Interstage Studio 9.x

Description:
A weakness has been reported in Interstage Application Server, which can be exploited by malicious people to disclose system information.

The weakness is caused due to the full web server path being disclosed in error messages when performing certain unspecified actions on the web server.

Please see the vendor advisory for a list of affected products.

Solution:
The vendor will reportedly address this issue in future versions.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www.fujitsu.com/global/support...ty/products-f/interstage-200705e.html

Collapse -
LiveAlbum "livealbum_dir" File Inclusion Vulnerability
by Marianna Schmudlach / October 9, 2007 2:17 AM PDT

Secunia Advisory: SA27139
Release Date: 2007-10-09


Critical:
Highly critical
Impact: Exposure of system information
Exposure of sensitive information
System access

Where: From remote

Solution Status: Unpatched


Software: LiveAlbum 0.x

Description:
S.W.A.T. has discovered a vulnerability in LiveAlbum, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

Input passed to the "livealbum_dir" parameter in common.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources.

Successful exploitation requires that "register_globals" is enabled.

The vulnerability is confirmed in version 0.9.1. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly verified.

Provided and/or discovered by:
S.W.A.T.

Original Advisory:
http://milw0rm.com/exploits/4503

Collapse -
rPath update for xen
by Marianna Schmudlach / October 9, 2007 2:19 AM PDT

Secunia Advisory: SA27141
Release Date: 2007-10-09


Critical:
Less critical
Impact: Privilege escalation

Where: Local system

Solution Status: Vendor Patch


OS: rPath Linux 1.x

Description:
rPath has issued an update for xen. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

For more information see vulnerability #1 in:
SA26986

Solution:
Update to "xen=/conary.rpath.com@rpl:devel//1/3.0.3_0-1.6-1".

Original Advisory:
http://lists.rpath.com/pipermail/security-announce/2007-October/000263.html

Other References:
SA26986:
http://secunia.com/advisories/26986/

Collapse -
Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflows
by Marianna Schmudlach / October 9, 2007 2:20 AM PDT

Secunia Advisory: SA27143
Release Date: 2007-10-09


Critical:
Highly critical
Impact: System access

Where: From remote

Solution Status: Unpatched


Software: Electronic Arts SnoopyCtrl ActiveX Control

Description:
Will Dormann has reported some vulnerabilities in Electronic Arts SnoopyCtrl ActiveX control, which can be exploited by malicious people to compromise a user's system.

The vulnerabilities are caused due to boundary errors when handling certain unspecified methods and initialization parameters. These can be exploited to cause stack-based buffer overflows when a user e.g. visits a malicious website.

Solution:
Set the kill-bit for the affected ActiveX control.

Provided and/or discovered by:
Will Dormann, CERT/CC

Original Advisory:
US-CERT VU#179281:
http://www.kb.cert.org/vuls/id/179281

Collapse -
util-linux Privilege Escalation Vulnerability
by Marianna Schmudlach / October 9, 2007 2:22 AM PDT

Secunia Advisory: SA27145
Release Date: 2007-10-09


Critical:
Not critical
Impact: Privilege escalation

Where: Local system

Solution Status: Vendor Workaround


Software: util-linux 2.x

Description:
A vulnerability has been reported in util-linux, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.

The vulnerability is caused due to the mount and umount programs incorrectly checking the return values of the "setuid()" and "setgid()" functions when dropping privileges. This can potentially be exploited to perform certain actions with escalated privileges via e.g. the mount.nfs utility.

The vulnerability is reported in version 2.12r. Other versions may also be affected.

Solution:
Fixed in the util-linux-ng repository.
http://git.kernel.org/?p=utils/util-l...eb2c7ac1b00b6083905957837a271e80b187e

Provided and/or discovered by:
Ludwig Nussel

Original Advisory:
http://git.kernel.org/?p=utils/util-l...eb2c7ac1b00b6083905957837a271e80b187e

Collapse -
Avaya Products nfs-utils-lib Denial of Service
by Marianna Schmudlach / October 9, 2007 2:23 AM PDT

Secunia Advisory: SA27146
Release Date: 2007-10-09


Critical:
Moderately critical
Impact: DoS

Where: From remote

Solution Status: Unpatched


OS: Avaya Intuity LX
Avaya Message Networking 2.x
Avaya Modular Messaging 3.x

Description:
Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service).

For more information:
SA27043

The vulnerability affects the following products and versions:
* Avaya Intuity LX (all versions)
* Avaya Messaging Storage Server (MSS 3.x)
* Avaya AES (AES 3.1.3)
* Avaya Message Networking (all versions)

Solution:
The vendor recommends that local and network access to the affected systems be restricted until an update is available.

Original Advisory:
http://support.avaya.com/elmodocs2/security/ASA-2007-396.htm

Other References:
SA27043:
http://secunia.com/advisories/27043/

Collapse -
Avaya Products X.org X11 Composite Pixmap Privilege Escalati
by Marianna Schmudlach / October 9, 2007 2:25 AM PDT

Secunia Advisory: SA27147
Release Date: 2007-10-09


Critical:
Less critical
Impact: Privilege escalation

Where: Local system

Solution Status: Unpatched


OS: Avaya Intuity LX
Avaya Message Networking 2.x
Avaya Modular Messaging 3.x

Description:
Avaya has acknowledged a vulnerability in various Avaya products, which potentially can be exploited by malicious, local users to gain escalated privileges.

For more information:
SA26897

The vulnerability affects the following products and versions:
* Avaya Intuity LX (all versions)
* Avaya Messaging Storage Server (MSS 3.x)
* Avaya Message Networking (all versions)

Solution:
The vendor recommends that local and network access to the affected systems be restricted until an update is available.

Original Advisory:
http://support.avaya.com/elmodocs2/security/ASA-2007-394.htm

Other References:
SA26897:
http://secunia.com/advisories/26897/

Collapse -
Red Hat update for pwlib
by Marianna Schmudlach / October 9, 2007 2:27 AM PDT

Secunia Advisory: SA27150
Release Date: 2007-10-09


Critical:
Less critical
Impact: DoS

Where: From remote

Solution Status: Vendor Patch


OS: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop Workstation (v. 5 client)

Description:
Red Hat has issued an update for pwlib. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

For more information:
SA27127

Solution:
Updated packages are available via Red Hat Network.
http://rhn.redhat.com

Original Advisory:
http://rhn.redhat.com/errata/RHSA-2007-0932.html

Other References:
SA27127:
http://secunia.com/advisories/27127/

Collapse -
Adobe mailto vulnerability
by Marianna Schmudlach / October 9, 2007 2:45 AM PDT

Published: 2007-10-09,
Last Updated: 2007-10-09 15:04:22 UTC
by Swa Frantzen (Version: 1)
On October 5th, Adobe confirmed the vulnerability we reported on on September 20th.

While there is no patch available yet, there is a workaround available and slowly some details about the vulnerability are being made public as well. So applying the workaround might be very wise:

More: http://isc.sans.org/

Collapse -
Microsoft Windows SharePoint Services / Office SharePoint Se
by Marianna Schmudlach / October 9, 2007 11:11 AM PDT

Microsoft Windows SharePoint Services / Office SharePoint Server Cross-Site Scripting

Secunia Advisory: SA27148
Release Date: 2007-10-09


Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Vendor Patch


Software: Microsoft Office SharePoint Server 2007
Microsoft Windows SharePoint Services

Description:
A vulnerability has been reported in Microsoft SharePoint Services and Office SharePoint Server, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the URL is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Solution:
Apply updates.

Microsoft Windows SharePoint Services 3.0 for Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/de...=76FC2225-2802-46E5-A294-A842E3841877

Microsoft Windows SharePoint Services 3.0 for Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/de...=667335DD-DF2E-4F14-A130-5758701BE055

Microsoft Office SharePoint Server 2007:
http://www.microsoft.com/downloads/de...=AAEA9695-F541-4C4C-9107-81EAD5CFC8C9

Microsoft Office SharePoint Server 2007 x64 Edition:
http://www.microsoft.com/downloads/de...=1D319164-D133-4493-BE27-1AEDA62362C4

Provided and/or discovered by:
Solarius

Original Advisory:
MS07-059 (KB942017):
http://www.microsoft.com/technet/security/Bulletin/MS07-059.mspx

Collapse -
Red Hat update for pwlib
by Marianna Schmudlach / October 9, 2007 11:13 AM PDT

Secunia Advisory: SA27150
Release Date: 2007-10-09


Critical:
Less critical
Impact: DoS

Where: From remote

Solution Status: Vendor Patch


OS: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop Workstation (v. 5 client)

Description:
Red Hat has issued an update for pwlib. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

For more information:
SA27127

Solution:
Updated packages are available via Red Hat Network.
http://rhn.redhat.com

Original Advisory:
http://rhn.redhat.com/errata/RHSA-2007-0932.html

Other References:
SA27127:
http://secunia.com/advisories/27127/

Collapse -
Microsoft Word Unspecified Memory Corruption Vulnerability
by Marianna Schmudlach / October 9, 2007 11:15 AM PDT

Secunia Advisory: SA27151
Release Date: 2007-10-09


Critical:
Extremely critical
Impact: System access

Where: From remote

Solution Status: Vendor Patch


Software: Microsoft Office 2000
Microsoft Office 2004 for Mac
Microsoft Office XP
Microsoft Word 2000
Microsoft Word 2002

Description:
A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error in the handling of Word documents and can be exploited to corrupt memory when a user opens a specially crafted Office file.

Successful exploitation allows execution of arbitrary code.

NOTE: According to Microsoft, this is currently being actively exploited.

Solution:
Apply patches.

Microsoft Office 2000 SP3:
http://www.microsoft.com/downloads/de...=8B3072FB-5933-47F7-A498-13A93E268E57

Microsoft Office XP SP3:
http://www.microsoft.com/downloads/de...=D6B787BB-03FF-4F67-8B69-6011FB18BA75

Microsoft Office 2004 for Mac:
http://www.microsoft.com/mac/downloads.aspx#Office2004

Provided and/or discovered by:
The vendor credits Liu Kun-Hao, Information and Communication Security Technology Center.

Original Advisory:
MS07-060 (KB942695):
http://www.microsoft.com/technet/security/Bulletin/MS07-060.mspx

Collapse -
Microsoft Windows 2000 RPC Authentication Information Disclo
by Marianna Schmudlach / October 9, 2007 11:18 AM PDT

Microsoft Windows 2000 RPC Authentication Information Disclosure

Secunia Advisory: SA27153
Release Date: 2007-10-09


Critical:
Less critical
Impact: Exposure of sensitive information

Where: From local network

Solution Status: Vendor Patch


OS: Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server

Description:
A vulnerability has been reported in Microsoft Windows 2000, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due an error when processing RPC authentication requests and can be exploited to disclose unspecified information by sending specially crafted RPC authentication requests to an affected system.

This is related to:
SA27134

The vulnerability is reported in Microsoft Windows 2000 Service Pack 4.

Solution:
Apply updates.

Microsoft Windows 2000 SP4:
http://www.microsoft.com/downloads/de...=6c7fb9a8-1d8d-4307-b5c6-bc6c28ee09de

Provided and/or discovered by:
The vendor credits the Zero Day Initiative.

Original Advisory:
MS07-058 (KB933729):
http://www.microsoft.com/technet/security/Bulletin/MS07-058.mspx

Collapse -
Adobe Acrobat and Adobe Reader Vulnerability
by Marianna Schmudlach / October 9, 2007 11:23 AM PDT

added October 9, 2007 at 03:31 pm

Adobe has issued a Security Advisory to address a vulnerability in Adobe Acrobat and Adobe Reader. By convincing a user to open a specially crafted pdf file in Microsoft Internet Explorer 7, an attacker may be able to execute arbitrary code.

US-CERT recommends that users apply the workaround found in the Adobe Security Advisory. http://www.adobe.com/support/security/advisories/apsa07-04.html

http://www.us-cert.gov/current/current_activity.html#adobe_acrobat_and_adober_reader

Collapse -
Lady M: Does this Patch Apply ONLY to...
by tobeach / October 9, 2007 3:20 PM PDT

acrobat & reader 8 WITH IE7 (NOT TO IE6xxx)? Thanks!! Sandy ConfusedGrin

Collapse -
Sandy... right.....
by Marianna Schmudlach / October 9, 2007 3:26 PM PDT
Platform: Windows XP (Vista users are not affected) with Internet Explorer 7 installed

Solution

To protect Windows XP systems with Internet Explorer 7 installed from this vulnerability, administrators can disable the mailto: option in Acrobat, Acrobat 3D 8 and Adobe Reader by modifying the application options in the Windows registry. Additionally, these changes can be added to network deployments to Windows systems.

http://www.adobe.com/support/security/advisories/apsa07-04.html
Collapse -
(NT) Thanks Ever So Much! Thankfull I'm IE6!!
by tobeach / October 9, 2007 4:15 PM PDT
In reply to: Sandy... right.....
Collapse -
Still using Adobe? Why not using Foxit Reader?
by Marianna Schmudlach / October 10, 2007 1:02 AM PDT
Collapse -
PDF MailTo Vulnerability Fix Tool
by Marianna Schmudlach / October 10, 2007 3:09 AM PDT
Automate the workaround for the critical Adobe Security Vulnerability (APSA07-04).


Vulnerability Details:

There is a critical security vulnerability that affects Adobe Acrobat and Adobe Reader, versions 8.1 and below.
For more information, please see Adobe Security Advisory APSA07-04 and CVE-2007-5020

According to the Adobe Security Advisory, your machine is vulnerable if you have:

* Adobe Reader 8.1 and earlier OR Adobe Acrobat 8.1 and earlier
* Windows XP
* Internet Explorer 7


PDF MailTo Vulnerability Fix Tool:


http://www.javacoolsoftware.com/pdffix.html
Collapse -
Internet Explorer Unspecified Address Bar Spoofing Vulnerabi
by Marianna Schmudlach / October 9, 2007 3:33 PM PDT

TITLE:
Internet Explorer Unspecified Address Bar Spoofing Vulnerability

SECUNIA ADVISORY ID:
SA27133

VERIFY ADVISORY:
http://secunia.com/advisories/27133/

CRITICAL:
Less critical

IMPACT:
Spoofing

WHERE:
From remote

SOFTWARE:
Microsoft Internet Explorer 5.01
http://secunia.com/product/9/
Microsoft Internet Explorer 6.x
http://secunia.com/product/11/
Microsoft Internet Explorer 7.x
http://secunia.com/product/12366/

DESCRIPTION:
A vulnerability has been reported in Internet Explorer, which can be
exploited by a malicious website to spoof the address bar.

The vulnerability is caused due to an unspecified error and allows
displaying of spoofed content in the browser window while the address
bar and other parts of the trust UI may reference a trusted site.

SOLUTION:
Apply patches.

Windows 2000 SP4 and Internet Explorer 5.01 SP4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=95827F3F-A984-4E34-A949-D16A0614121A

Windows 2000 SP4 and Internet Explorer 6 SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=DF3BA596-7C5B-4151-9884-6957AA884AAB

Windows XP SP2 and Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=513A8320-6D36-4FC9-A38A-867192B55B53

Windows XP Professional x64 Edition (optionally with SP2) and
Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=AE8A26D8-1910-4B8C-8A73-6E2FA6B5B29F

Windows Server 2003 SP1/SP2 and Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4AEFAA38-8757-4E6E-8924-57CABD1C2FC3

Windows Server 2003 x64 Edition (optionally with SP2) and Internet
Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=88ABA9DD-653B-4CDF-A513-CCA32A7D7E41

Windows Server 2003 with SP1/SP2 for Itanium-based systems and
Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=309A8F10-C7EA-4961-A969-092B0C4D7BBC

Windows XP SP2 and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4CA0AC93-BF51-40FE-A1BA-CB3E0A36D8B5

Windows XP Professional x64 Edition (optionally with SP2) and
Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=DBD284D0-2664-42A4-AD16-A0535244C81C

Windows Server 2003 SP1/SP2 and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=0A31C451-32F4-4551-AE45-D600F8B3B11B

Windows Server 2003 x64 Edition (optionally with SP2) and Internet
Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=C1915633-D181-4CA1-A4F0-7CA0F865AA72

Windows Server 2003 with SP1/SP2 for Itanium-based systems and
Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=093A2250-3BE3-494F-80E0-89CA7217030F

Windows Vista and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=86392E8D-098C-427F-A233-699CDB9375AE

Windows Vista x64 Edition and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=62490E6D-0A21-4A15-90BD-63CA8F8886B6

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Pierre Geyer, next.motion OHG.

ORIGINAL ADVISORY:
MS07-057 (KB939653):
http://www.microsoft.com/technet/security/Bulletin/MS07-057.mspx

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

HOLIDAY GIFT GUIDE 2017

Cameras that make great holiday gifts

Let them start the new year with a step up in photo and video quality from a phone.