J-Security Center

Microsoft Security Bulletins

October 2007



Microsoft Security Bulletin MS07-055

Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810)

Severity: Critical
Vulnerabilities:
  • Kodak Image Viewer Remote Code Execution Vulnerability – CVE-2007-2217
    There is a remote code execution vulnerability in the way that the Kodak Image Viewer in Windows handles specially crafted image files. An attacker could exploit the vulnerability by constructing a specially crafted image that could potentially allow remote code execution if a user visited a Web site, viewed a specially crafted e-mail message, or opened an e-mail attachment. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Microsoft Security Bulletin MS07-056

Security Update for Outlook Express and Windows Mail (941202)

Severity: Critical
Vulnerabilities:
  • Network News Transfer Protocol Memory Corruption Vulnerability – CVE-2007-3897
    A remote code execution vulnerability exists in Outlook Express and Windows Mail for Microsoft Vista, due to an incorrectly handled malformed NNTP response. An attacker could exploit the vulnerability by constructing a specially crafted Web page. If a user viewed the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.

Microsoft Security Bulletin MS07-057

Cumulative Security Update for Internet Explorer (939653)

Severity: Critical
Vulnerabilities:
  • Address Bar Spoofing Vulnerability - CVE-2007-3892
    A spoofing vulnerability exists in Internet Explorer that could allow an attacker to display spoofed content in a browser window. The address bar and other parts of the trust UI have been navigated away from the attacker’s Web site, but the content of the window still contains the attacker’s Web page.
  • Error Handling Memory Corruption Vulnerability - CVE-2007-3893
    A remote code execution vulnerability exists in Internet Explorer due to attempts to access previously freed memory when handling script errors in certain situations. An attacker could exploit the vulnerability by constructing a specially crafted Web page. If a user viewed the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.

Microsoft Security Bulletin MS07-058

RPC Authentication Vulnerability Could Allow Denial of Service - CVE-2007-2228

Severity: Important
Vulnerabilities:
  • RPC Authentication Vulnerability Could Allow Denial of Service - CVE-2007-2228
    A denial of service vulnerability exists in the remote procedure call (RPC) facility due to a failure in communicating with the NTLM security provider when performing authentication of RPC requests. An anonymous attacker could exploit the vulnerability by sending a specially crafted RPC authentication request to a computer over the network. An attacker who successfully exploited this vulnerability could cause the computer to stop responding and automatically restart.

Microsoft Security Bulletin MS07-059

Vulnerability in Windows SharePoint Services 3.0 and Office SharePoint Server 2007 Could Result in Elevation of Privilege within the SharePoint Site (942017)

Severity: Important
Vulnerabilities:
  • SharePoint Scripting Vulnerability - CVE-2007-2581
    This is a scripting vulnerability in Microsoft Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007. The vulnerability could allow an attacker to run arbitrary script that can result in elevation of privilege within the SharePoint site, as opposed to elevation of privilege within the workstation or server environment. The vulnerability could also allow an attacker to run arbitrary script to modify a user’s cache, resulting in information disclosure at the workstation. However, user interaction is required to exploit this vulnerability.

Microsoft Security Bulletin MS07-060

Vulnerability in Microsoft Word Could Allow Remote Code Execution (942695)

Severity: Critical
Vulnerabilities:
  • Workspace Memory Corruption Vulnerability – CVE-2007-3899
    A remote code execution vulnerability exists in the way that Word handles specially crafted Word files. The vulnerability could allow remote code execution if a user opens a specially crafted Word file with a malformed string. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.