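Microsoft VBA Document Properties Remote Buffer Overflow Vulnerability

Vulnerability Details

Vulnerability Summary

Microsoft VBA is a technology for developing standalone client desktop applications and integrating them into existing data and systems. Microsoft VBA is based on the Microsoft Visual Basic development system; Microsoft Office includes VBA and uses it to perform some of its functions, and VBA can be used to build customizable applications.
When a document is opened by a host application, Microsoft VBA does not properly check the document properties passed to it. A remote attacker can exploit this vulnerability by constructing a malicious Word or Excel document and enticing a user to open it, which can trigger a buffer overflow.
The Visual Basic Design Time Environment library (VBE.DLL and VBE6.DLL) is used by the Microsoft Office family and other Microsoft applications. This library contains a heap-based overflow vulnerability: if a malicious Office file is opened and its malicious document properties are passed to the library for parsing, the allocated heap buffer can be corrupted. Carefully crafted file data may allow arbitrary instructions to be executed on the system with the user's privileges.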

Vulnerability Advisory

Vendor patch:
Microsoft
———
The vendor has released a patch that fixes this security issue. Download it from the vendor's site:

Microsoft Office 2000:

http://microsoft.com/downloads/details.aspx?FamilyId=E2CCE199-9C4A-4EEC-A3EC-9F738017F275&displaylang=en

Administrative update only:

http://www.microsoft.com/office/ork/xp/journ/o2k0901a.htm

Microsoft Office XP (including Publisher 2002):

http://microsoft.com/downloads/details.aspx?FamilyId=6F1FC4B0-29E9-44E0-A33D-AD6B4B6A8FF4&displaylang=en

Administrative update only:

http://www.microsoft.com/office/ork/xp/journ/oxp1001a.htm

Microsoft Project 2000:

http://microsoft.com/downloads/details.aspx?FamilyId=E53A52E7-431D-4580-9733-B92A2B7BFD0D&displaylang=en

Microsoft Project 2002:

http://microsoft.com/downloads/details.aspx?FamilyId=525BDE0A-0028-488A-8209-6E07D4603CCB&displaylang=en

Microsoft Visio 2002:

http://microsoft.com/downloads/details.aspx?FamilyId=55944490-13C2-4043-BA2A-17AF02E9C73E&displaylang=en

Microsoft VBA Patch:

http://microsoft.com/downloads/details.aspx?FamilyId=DA1A7ABA-CD3D-458B-9729-AB9094C9BD3F&displaylang=en

Systems running any of the following applications must install the Microsoft VBA patch:

Microsoft VBA 5.0

Microsoft VBA 6.0

Microsoft VBA 6.2

Microsoft VBA 6.3

Microsoft Access 97

Microsoft Excel 97

Microsoft PowerPoint 97

Microsoft Word 97

Microsoft Word 98(J)

Microsoft Visio 2000

Microsoft Works Suite 2001

Microsoft Business Solutions Great Plains 7.5

Microsoft Business Solutions Dynamics 6.0

Microsoft Business Solutions Dynamics 7.0

Microsoft Business Solutions eEnterprise 6.0

Microsoft Business Solutions eEnterprise 7.0

Microsoft Business Solutions Solomon 4.5

Microsoft Business Solutions Solomon 5.0

Microsoft Business Solutions Solomon 5.5

Microsoft recommends that users visit the Office update site at http://www.office.microsoft.com/ProductUpdates/default.aspx to detect and install security patches.

References

Source: US-CERT Vulnerability Note: VU#804780
Name: VU#804780
Link: http://www.kb.cert.org/vuls/id/804780

Source: BID
Name: 8534
Link: http://www.securityfocus.com/bid/8534

Source: MS
Name: MS03-037
Link: http://www.microsoft.com/technet/security/bulletin/ms03-037.asp

Source: SECUNIA
Name: 9666
Link: http://secunia.com/advisories/9666

Source: BUGTRAQ
Name: 20030903 EEYE: VBE Document Property Buffer Overflow
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=106262077829157&w=2

Source: VULNWATCH
Name: 20030903 EEYE: VBE Document Property Buffer Overflow
Link: http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0093.html
