Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
we track for your security since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access
Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerability

vulnerability CVE-2008-3007

Office, OneNote 2007: code execution

Synthesis of the vulnerability

Two vulnerabilities can be used by an attacker to execute code when the victim clicks on a OneNote uri.
Severity: 3/4.
Creation date: 10/09/2008.

Description of the vulnerability

When the Microsoft Office OneNote product is installed, the user can click on "onenote://" uris to access to his notes. Two vulnerabilities can be exploited via OneNote.

An attacker can create a malicious OneNote uri to force the transfer of a file when the user clicks on this uri. An attacker can therefore create a file on victim's computer, or read a file. By creating a file in the startup directory, the attacker can execute code. This vulnerability impacts OneNote 2007. [severity:3/4; ISVA-080910.1, >]

OneNote uris are handled by the MSO.DLL library. However, one of its methods does not correctly check the uri size, which generates a buffer overflow. The vulnerable MSO.DLL library is installed in all Office versions, even if OneNote is not installed. However, this vulnerability of MSO.DLL can only be exploited via OneNote. [severity:3/4; >]

Both vulnerabilities lead to code execution when the victim clicks on a OneNote uri.

Complete Vigil@nce bulletin

Access to the complete Vigil@nce bulletin

Characteristics

Title: Office, OneNote 2007: code execution.
Keywords: 2007 ISVA-080910 MSO Microsoft Office OneNote code execution neNote.
Identifiers: 955047, BID-31067, CVE-2008-3007, ISVA-080910.1, MS08-055, VIGILANCE-VUL-8100.

Information sources

Publications and announces
Source example: Microsoft Security Bulletin MS08-055 - Critical: Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047)

Solutions for this vulnerability

Patch or workaround

Supplements

Vulnerability : File

An attacker can create a malicious OneNote uri to force the transfer of a file when the user clicks on this uri. An attacker can therefore create a file on victim's computer, or read a file. By creating a file in the startup directory, the attacker can execute code. This vulnerability impacts OneNote 2007.
Severity: 3/4.
Identifiers: ISVA-080910.1.
Publications and announces
Source example: MS Office OneNote URL Handling Vulnerability

Vulnerability : Buffer overflow

OneNote uris are handled by the MSO.DLL library. However, one of its methods does not correctly check the uri size, which generates a buffer overflow. The vulnerable MSO.DLL library is installed in all Office versions, even if OneNote is not installed. However, this vulnerability of MSO.DLL can only be exploited via OneNote.
Severity: 3/4.
Publications and announces
Source example: Security Vulnerability Research & Defense : MS08-055: Microsoft security response process, behind the scenes

Computer vulnerabilities tracking service

The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Systems vulnerabilities



















France Télécom Copyright 1999-2010 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française