| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 30 Jul 2005 12:56:29 -0700 (PDT) From: Cesar <cesarc56@...oo.com> To: sylvain.roger@...ucom.fr, bugtraq@...urityfocus.com Subject: Re: Re : [Firefox Bug 302187] New: Shared section vulnerability when opening microsoft office document resulting in DoS It's a security issue, i found it and reported this to MS long time ago when i started to research shared sections bugs, MS will fix the issue in some future. I don't know why MS said to you that it's not a security issue. Cesar. --- sylvain.roger@...ucom.fr wrote: > As I got some questions about this I think I need to > precise it. > I can say for sure now : It is not a firefox > vulnerability but Microsoft Office vulnerability. > Firefox is just here as an example. > The vulnerability is that when a winword.exe process > is created from another application (like > firefox.exe) it creates a shared section called > \BaseNameObjects\Mso97SharedDgXXXXXXXX which has > write rights for everyone. This allows to write > arbitrary data on the shared section resulting in a > denial of service of all opened Microsoft Office > applications. It may be necessary sometimes to > reboot the machine in order to use again the Office > applications. > Microsoft just answers it is a technical issue and > not a security issue > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Powered by blists - more mailing lists