Microsoft Project file memory allocation code execution Vulnerability

Overview

» IDS/IPS Signatures

Security Sites

iPolicy Networks Security Advisory


Date Discovered:	04/09/2008
Severity:	High
Operating Systems Affected:	Microsoft Windows 2000 Professional Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows NT 4.0
Applications Affected:	Microsoft Project 2000 SR1 Microsoft Project 2002 SP1 Microsoft Project 2003 SP2

Synopsis

Microsoft Project is prone to a remote code-execution vulnerability. Microsoft Project could allow a remote attacker to execute arbitrary code on the system, caused by improper validation of memory resource allocation when opening Project files.

Recommended Actions

Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/bulletin/ms08-018.mspx

Threat Analysis

Microsoft Project 2000 Service Release 1, 2002 SP1, and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a crafted Project file, related to improper validation of memory resource allocations.

By persuading a victim to open a malicious Project file, a remote attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system or cause the application to crash.

References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1088
http://www.securityfocus.com/bid/28607/discuss

Write-up by: Aditya Chaturvedi

Security Sites

“iPolicy is one of the most visionary firewall vendors in the firewall Magic Quadrant. Its architecture of a central session processing engine and multiple content blades that are able to block based on signatures, rules and so on is the closest to the network security ideal.”

Greg Young, John Pescatore
Magic Quadrant for Network Firewalls, 2H04, Gartner

| | | | | | | | |