Intrusion Prevention

MS.Office.Web.Components.ActiveX.Buffer.Overflow

Description

This indicates a possible attempt to exploit a buffer overflow vulnerability in Microsoft Office Web Components.
The vulnerability is a stack based buffer overflow in the Microsoft Office "Spreadsheet" class, which is hosted by MSOWC.DLL. It results from the application's failure to perform boundary checks on user supplied input. By exploiting this a remote attacker may be able to execute arbitrary code and gain control of vulnerable systems.

Affected Products

Microsoft Office Web Components 2000
+ Microsoft Back Office Server 2000
+ Microsoft BizTalk Server 2000 Developer Edition SP2
+ Microsoft BizTalk Server 2000 Developer Edition SP1a
+ Microsoft BizTalk Server 2000 Developer Edition
+ Microsoft BizTalk Server 2000 Enterprise Edition SP2
+ Microsoft BizTalk Server 2000 Enterprise Edition SP1a
+ Microsoft BizTalk Server 2000 Enterprise Edition
+ Microsoft BizTalk Server 2000 Standard Edition SP2
+ Microsoft BizTalk Server 2000 Standard Edition SP1a
+ Microsoft BizTalk Server 2000 Standard Edition
+ Microsoft BizTalk Server 2002 Enterprise Edition
+ Microsoft Commerce Server 2000 SP2
+ Microsoft Commerce Server 2000 SP1
+ Microsoft Commerce Server 2000
+ Microsoft Commerce Server 2002
+ Microsoft Internet Explorer for Unix SP2
+ Microsoft ISA Server 2000 SP2
+ Microsoft ISA Server 2000 SP1
+ Microsoft ISA Server 2000 FP1
+ Microsoft ISA Server 2000
+ Microsoft ISA Server 2000 Enterprise Edition SP2
+ Microsoft ISA Server 2000 Enterprise Edition SP1
+ Microsoft ISA Server 2000 Enterprise Edition
+ Microsoft Office 2000 SP2
+ Microsoft Office 2000 SP1
+ Microsoft Office 2000
+ Microsoft Office XP SP3
+ Microsoft Office XP SP2
+ Microsoft Office XP SP1
+ Microsoft Office XP
+ Microsoft Small Business Server 2000
+ Microsoft Visual Studio .NET 2002
+ Microsoft Visual Studio .NET 2003 Enterprise Architect
+ Microsoft Visual Studio .NET Enterprise Architect Edition
+ Microsoft Visual Studio .NET Enterprise Developer Edition

Impact

System Compromise: remote code execution.

Recommended Actions

Microsoft has released an advisory and fixes to address this issue. Please see the references for more information.
Microsoft Security Update for Commerce Sever 2000 (KB941305)
http://www.microsoft.com/downloads/details.aspx?FamilyId=71DE76BA-B62C -4A7A-A78A-9317F5255B13
Microsoft Security Update For Microsoft BizTalk Server 2000 (KB939714)
http://www.microsoft.com/downloads/details.aspx?FamilyId=E0993E49C0A81 1D2973D00C04F79E4B3
Microsoft Security Update For Microsoft BizTalk Server 2002 (KB939714)
http://www.microsoft.com/downloads/details.aspx?FamilyId=12B7D09A92AB4 596996670799837D961
Microsoft Security Update For Microsoft Office 2000 Service Pack 3 (KB931660)
http://www.microsoft.com/downloads/details.aspx?FamilyId=806c654a-35e3 -4385-855a-4b803249bfcf
Microsoft Security Update for Microsoft Office Web Components 2000 used in ISA Server 2000 Reporting
http://www.microsoft.com/downloads/details.aspx?FamilyId=526D87BD-C3DA -412E-8765-C15987AE9B01
Microsoft Security Update For Microsoft Office XP Service Pack 3 (KB931660)
http://www.microsoft.com/downloads/details.aspx?FamilyId=806c654a-35e3 -4385-855a-4b803249bfcf
Microsoft Visual Studio .NET 2002 Service Pack 1 MSOWC.DLL Security Update
http://www.microsoft.com/downloads/details.aspx?FamilyId=D71B23FA-A873 -406D-BAD7-E38E565DEE39&displaylang=en
Microsoft Visual Studio .NET 2003 Service Pack 1 MSOWC.DLL Security Update
http://www.microsoft.com/downloads/details.aspx?FamilyId=2FE10CCD-40CB -4090-B83D-EAE3D4ECA174&displaylang=en

CVE References

CVE-2006-4695