Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical

To: Ryan Buena <dreamsbig@xxxxxxxxx>, bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical
From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
Date: Thu, 7 Dec 2006 20:22:09 +0200 (EET)
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

The related Trojans have the following names:

Troj/DwnLdr-FXG
http://www.sophos.com/security/analyses/trojdwnldrfxg.html
and
Troj/DwnLdr-FXH
http://www.sophos.com/security/analyses/trojdwnldrfxh.html

Other references released:

BID:
http://www.securityfocus.com/bid/21451
FrSIRT:
http://www.frsirt.com/english/advisories/2006/4866
SecurityTracker:
http://www.securitytracker.com/id?1017339
ISS:
http://xforce.iss.net/xforce/xfdb/30738
SecuriTeam:
http://www.securiteam.com/windowsntfocus/6I00220HPG.html
US-CERT VU:

http://www.kb.cert.org/vuls/id/167928

- Juha-Matti

Ryan Buena <dreamsbig@xxxxxxxxx> wrote:

Source: http://secunia.com/advisories/23232/

Does anybody have any more detailed information on specifics about
this vulnerability? There is very little detail concerning this. What
actions is anyone taking against this? According to one article,
Mcafee discovered this vulnerability and the word DOC would need to be
launched in a browser.

Prev by Date: [USN-390-3] evince-gtk vulnerability
Next by Date: Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass
Previous by thread: Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical
Next by thread: Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical
Index(es):
- Date
- Thread