R
REM
From Secunia:
TITLE:
Microsoft Windows Color Management Module Buffer Overflow
SECUNIA ADVISORY ID:
SA16004
VERIFY ADVISORY:
http://secunia.com/advisories/16004/
CRITICAL:
Extremely critical <------- (rare! Extrememy critical)
IMPACT:
System access
WHERE:
From remote
DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be
exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error within the color
management module when validating ICC profile format tags. This can
be exploited to cause a buffer overflow by e.g. tricking a user into
visiting a malicious web site or view a malicious e-mail message
containing a specially crafted image file.
Successful exploitation allows execution of arbitrary code.
------------------------------------------------------------------------
NOTE: According to Microsoft, the vulnerability is already being
exploited.
------------------------------------------------------------------------
SOLUTION:
Apply patches.
Microsoft Windows 2000 (requires SP4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=FA8D18EC-EBF4-4C49-AFA0-F6A215B3624F
Microsoft Windows XP (requires SP1 or SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyId=C5BCF2DB-ADCE-42BD-ABEE-1380F258158B
Microsoft Windows XP Professional (x64 Edition):
http://www.microsoft.com/downloads/details.aspx?FamilyId=C54BB4BA-FB9B-4615-9BBE-EF6D3885467D
Microsoft Windows Server 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=44275ECB-2E79-4CE8-8269-E81219CE8F6C
Microsoft Windows Server 2003 (for Itanium-based systems):
http://www.microsoft.com/downloads/details.aspx?FamilyId=97A903BC-90E1-4FDE-9487-1816C4A647BB
Microsoft Windows Server 2003 (x64 Edition):
http://www.microsoft.com/downloads/details.aspx?FamilyId=52167B42-8790-4965-9F26-DC5EDC2E84F8
-------------------------------------------------------------------
NOTE: what the heck is this????
Microsoft Windows 98, Windows 98 SE, and Windows ME:
The vendor will not be releasing fixes for these versions.
-------------------------------------------------------------------
PROVIDED AND/OR DISCOVERED BY:
The vendor credits Shih-hao Weng.
ORIGINAL ADVISORY:
MS05-036 (901214):
http://www.microsoft.com/technet/security/Bulletin/MS05-036.mspx
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
TITLE:
Microsoft Windows Color Management Module Buffer Overflow
SECUNIA ADVISORY ID:
SA16004
VERIFY ADVISORY:
http://secunia.com/advisories/16004/
CRITICAL:
Extremely critical <------- (rare! Extrememy critical)
IMPACT:
System access
WHERE:
From remote
DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be
exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error within the color
management module when validating ICC profile format tags. This can
be exploited to cause a buffer overflow by e.g. tricking a user into
visiting a malicious web site or view a malicious e-mail message
containing a specially crafted image file.
Successful exploitation allows execution of arbitrary code.
------------------------------------------------------------------------
NOTE: According to Microsoft, the vulnerability is already being
exploited.
------------------------------------------------------------------------
SOLUTION:
Apply patches.
Microsoft Windows 2000 (requires SP4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=FA8D18EC-EBF4-4C49-AFA0-F6A215B3624F
Microsoft Windows XP (requires SP1 or SP2):
http://www.microsoft.com/downloads/details.aspx?FamilyId=C5BCF2DB-ADCE-42BD-ABEE-1380F258158B
Microsoft Windows XP Professional (x64 Edition):
http://www.microsoft.com/downloads/details.aspx?FamilyId=C54BB4BA-FB9B-4615-9BBE-EF6D3885467D
Microsoft Windows Server 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=44275ECB-2E79-4CE8-8269-E81219CE8F6C
Microsoft Windows Server 2003 (for Itanium-based systems):
http://www.microsoft.com/downloads/details.aspx?FamilyId=97A903BC-90E1-4FDE-9487-1816C4A647BB
Microsoft Windows Server 2003 (x64 Edition):
http://www.microsoft.com/downloads/details.aspx?FamilyId=52167B42-8790-4965-9F26-DC5EDC2E84F8
-------------------------------------------------------------------
NOTE: what the heck is this????
Microsoft Windows 98, Windows 98 SE, and Windows ME:
The vendor will not be releasing fixes for these versions.
-------------------------------------------------------------------
PROVIDED AND/OR DISCOVERED BY:
The vendor credits Shih-hao Weng.
ORIGINAL ADVISORY:
MS05-036 (901214):
http://www.microsoft.com/technet/security/Bulletin/MS05-036.mspx
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/