Security Lab

Multiple vulnerabilities in Microsoft XML Core Services

Publication date: 09.01.2007
Last modified: 11.08.2010
Severity: High
Fix available: Yes
Number of vulnerabilities: 3
CVSSv2 rating: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:O/RC:C)
6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N/E:P/RL:O/RC:C)
6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:O/RC:C)
CVE ID: CVE-2007-0099
CVE-2008-4029
CVE-2008-4033
Exploitation vector: Remote
Impact: Disclosure of sensitive data
System compromise
CWE ID: No data
Exploit availability: No data
Vulnerable products: Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2007
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
Microsoft Office SharePoint Server 2007
Microsoft Word Viewer 2003
Microsoft Office Groove 2007
Microsoft Expression Web 1.x
Microsoft Expression Web 2.x
Microsoft XML Core Services (MSXML) 3.x
Microsoft XML Core Services (MSXML) 4.x
Microsoft XML Core Services (MSXML) 5.x
Microsoft XML Core Services (MSXML) 6.x
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Server
Microsoft Windows 2000 Professional
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Storage Server 2003
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Microsoft Windows Vista
Microsoft Windows Server 2008
Vulnerable versions:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows 2003
Microsoft Windows Vista
Microsoft Windows 2008
Microsoft XML Core Services (MSXML) 3.0
Microsoft XML Core Services (MSXML) 4.0
Microsoft XML Core Services (MSXML) 5.0
Microsoft XML Core Services (MSXML) 6.0
Microsoft Office 2003
Microsoft Office 2007
Microsoft Expression Web
Microsoft Expression Web 2

Description:
The discovered vulnerabilities allow a remote user to gain access to sensitive data and compromise the target system.

1. The vulnerability exists due to a race condition when processing XML data. A remote user can use a specially crafted XML file containing nested tags in multiple iframes to cause memory corruption and execute arbitrary code on the target system. The vulnerability exists in Microsoft XML Core Services 3.0 on Windows 2000, XP, 2003, Vista and 2008.

2. The vulnerability exists due to an error in the handling of error checks for external document type definitions (DTDs). A remote user can use a specially crafted website or email message to bypass cross-domain policies and gain access to data from another domain. The vulnerability exists in Microsoft XML Core Services 3.0 and Microsoft XML Core Services 4.0 on Windows 2000, XP, 2003, Vista and 2008.

3. The vulnerability exists due to an error in the handling of "transfer-encoding" headers. A remote user can use a specially crafted website or email message to bypass cross-domain policies and gain access to data from another domain.

Vendor URL: www.microsoft.com

Solution: Install the fix from the vendor's website.

-- Windows 2000 --

Windows 2000 SP4 and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=559cd4b6-24b7-4e60-8749-37d9b833d3eb

Windows 2000 SP4 and Microsoft XML Core Services 4.0:
http://www.microsoft.com/downloads/de...=96a4413c-5261-4f69-83d0-932c430abd14

Windows 2000 SP4 and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=59914795-60c7-4ebe-828d-f28cb457e6e3


-- Windows XP --

Windows XP SP2 and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=6ed1a087-97e2-4283-9b53-b7b046654d08

Windows XP SP3 and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=6ed1a087-97e2-4283-9b53-b7b046654d08

Windows XP SP2/SP3 and Microsoft XML Core Services 4.0:
http://www.microsoft.com/downloads/de...=96a4413c-5261-4f69-83d0-932c430abd14

Windows XP SP2 and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=59914795-60c7-4ebe-828d-f28cb457e6e3

Windows XP SP3 and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=7493fa37-2cbf-4d66-8690-d50d63da4096

Windows XP Professional x64 Edition (optionally with SP2) and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=1b79f220-ebfc-49c1-963b-58bbda21b6e7

Windows XP Professional x64 Edition (optionally with SP2) and Microsoft XML Core Services 4.0:
http://www.microsoft.com/downloads/de...=96a4413c-5261-4f69-83d0-932c430abd14

Windows XP Professional x64 Edition (optionally with SP2) and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=59914795-60c7-4ebe-828d-f28cb457e6e3


-- Windows Server 2003 --

Windows Server 2003 SP1/SP2 and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=0a0f8385-e908-4b5f-b9bf-80b7dabfcafd

Windows Server 2003 SP1/SP2 and Microsoft XML Core Services 4.0:
http://www.microsoft.com/downloads/de...=96a4413c-5261-4f69-83d0-932c430abd14

Windows Server 2003 SP1/SP2 and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=59914795-60c7-4ebe-828d-f28cb457e6e3

Windows Server 2003 x64 Edition (optionally with SP2) and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=347c8c83-4269-4a0e-af6f-4be2e824d22b

Windows Server 2003 x64 Edition (optionally with SP2) and Microsoft XML Core Services 4.0:
http://www.microsoft.com/downloads/de...=96a4413c-5261-4f69-83d0-932c430abd14

Windows Server 2003 x64 Edition (optionally with SP2) and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=59914795-60c7-4ebe-828d-f28cb457e6e3

Windows Server 2003 with SP1/SP2 for Itanium-based Systems and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=3a65e1cd-eb4e-44b6-8868-a5a84be2cb32

Windows Server 2003 with SP1/SP2 for Itanium-based Systems and Microsoft XML Core Services 4.0:
http://www.microsoft.com/downloads/de...=96a4413c-5261-4f69-83d0-932c430abd14

Windows Server 2003 with SP1/SP2 for Itanium-based Systems and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=59914795-60c7-4ebe-828d-f28cb457e6e3


-- Windows Vista --

Windows Vista and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=affbc957-1867-4bbe-924d-6f0696ae0895

Windows Vista SP1 and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=affbc957-1867-4bbe-924d-6f0696ae0895

Windows Vista (optionally with SP1/SP2) and Microsoft XML Core Services 4.0:
http://www.microsoft.com/downloads/de...=96a4413c-5261-4f69-83d0-932c430abd14

Windows Vista and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=cb6c4315-8c6d-43af-978b-b190b1a1577a

Windows Vista SP1 and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=cb6c4315-8c6d-43af-978b-b190b1a1577a

Windows Vista x64 Edition and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=b01a5f31-8c57-4c5c-909e-b37caf0439b0

Windows Vista x64 Edition SP1 and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=b01a5f31-8c57-4c5c-909e-b37caf0439b0

Windows Vista x64 Edition (optionally with SP1/SP2) and Microsoft XML Core Services 4.0:
http://www.microsoft.com/downloads/de...=96a4413c-5261-4f69-83d0-932c430abd14

Windows Vista x64 Edition and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=39443046-2093-4c87-ac7b-679deab96414

Windows Vista x64 Edition SP1 and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=39443046-2093-4c87-ac7b-679deab96414


-- Windows Server 2008 --

Windows Server 2008 for 32-bit Systems and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=90a04164-4d02-4ce9-b3d8-bddb1ec27618

Windows Server 2008 for 32-bit Systems (optionally with SP2) and Microsoft XML Core Services 4.0:
http://www.microsoft.com/downloads/de...=96a4413c-5261-4f69-83d0-932c430abd14

Windows Server 2008 for 32-bit Systems and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=dea9f227-967f-47c7-bb2a-ed68f13645d9

Windows Server 2008 for x64-based Systems and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=b7bfe3f4-835f-402c-95b5-6d49b6935308

Windows Server 2008 for x64-based Systems (optionally with SP2) and Microsoft XML Core Services 4.0:
http://www.microsoft.com/downloads/de...=96a4413c-5261-4f69-83d0-932c430abd14

Windows Server 2008 for x64-based Systems and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=f16e2a5f-37fd-4ee1-aef0-597214323dc4

Windows Server 2008 for Itanium-based Systems and Microsoft XML Core Services 3.0:
http://www.microsoft.com/downloads/de...=4e0d1efe-70ac-459b-b330-c0149b74f520

Windows Server 2008 for Itanium-based Systems (optionally with SP2) and Microsoft XML Core Services 4.0:
http://www.microsoft.com/downloads/de...=96a4413c-5261-4f69-83d0-932c430abd14

Windows Server 2008 for Itanium-based Systems and Microsoft XML Core Services 6.0:
http://www.microsoft.com/downloads/de...=d4ae74e2-1b09-4a99-8cf5-8a8ca8ac6f7f


-- Microsoft Office --

Office 2003 SP3 and Microsoft XML Core Services 5.0:
http://www.microsoft.com/downloads/de...=7ad891a8-c3bb-4479-8282-13d629c410e3

Microsoft Word Viewer 2003 SP3 and Microsoft XML Core Services 5.0:
http://www.microsoft.com/downloads/de...=7ad891a8-c3bb-4479-8282-13d629c410e3

2007 Microsoft Office System and Microsoft XML Core Services 5.0:
http://www.microsoft.com/downloads/de...=27b06ee8-570a-4dc2-a230-c70d4a706245

2007 Microsoft Office System SP1 and Microsoft XML Core Services 5.0:
http://www.microsoft.com/downloads/de...=27b06ee8-570a-4dc2-a230-c70d4a706245

Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats and Microsoft XML Core Services 5.0:
http://www.microsoft.com/downloads/de...=27b06ee8-570a-4dc2-a230-c70d4a706245

Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and Microsoft XML Core Services 5.0:
http://www.microsoft.com/downloads/de...=27b06ee8-570a-4dc2-a230-c70d4a706245

Microsoft Expression Web and Microsoft XML Core Services 5.0:
http://www.microsoft.com/downloads/de...=27b06ee8-570a-4dc2-a230-c70d4a706245

Microsoft Expression Web 2 and Microsoft XML Core Services 5.0:
http://www.microsoft.com/downloads/de...=27b06ee8-570a-4dc2-a230-c70d4a706245

Office SharePoint Server 2007 (32-bit editions) and Microsoft XML Core Services 5.0:
http://www.microsoft.com/downloads/de...=a208f2b5-2b0d-43bb-8f8a-58d4a3fc64f5

Office SharePoint Server 2007 SP1 (32-bit editions) and Microsoft XML Core Services 5.0:
http://www.microsoft.com/downloads/de...=a208f2b5-2b0d-43bb-8f8a-58d4a3fc64f5

Office SharePoint Server 2007 (optionally with SP1) (64-bit editions) and Microsoft XML Core Services 5.0:
http://www.microsoft.com/downloads/de...=0735f4af-e32b-4970-bed7-b2b9323cf54c

Office Groove Server 2007 and Microsoft XML Core Services 5.0:
http://www.microsoft.com/downloads/de...=0735f4af-e32b-4970-bed7-b2b9323cf54c

References: Concurrency strikes MSIE (potentially exploitable msxml3 flaws)
(MS08-069) Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
Microsoft XML Core Services DTD Cross-Domain Scripting PoC MS08-069

http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051616.html
Change log:

12.11.2008
Vulnerability description changed; vulnerabilities #2-3 added. The "Software" and "Solution" sections changed. Severity rating raised.
23.11.2008
PoC code added for vulnerability #2.
30.04.2009
The "Solution" section changed. Added information on an additional fix for Microsoft XML Core Services 4.0 for Windows Vista SP2 and Windows 2008 Server SP2.