TITLE:
Microsoft Collaboration Data Objects Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA17167

VERIFY ADVISORY:
http://secunia.com/advisories/17167/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

OPERATING SYSTEM:
Microsoft Windows XP Professional
http://secunia.com/product/22/
Microsoft Windows XP Home Edition
http://secunia.com/product/16/
Microsoft Windows Server 2003 Web Edition
http://secunia.com/product/1176/
Microsoft Windows Server 2003 Standard Edition
http://secunia.com/product/1173/
Microsoft Windows Server 2003 Enterprise Edition
http://secunia.com/product/1174/
Microsoft Windows Server 2003 Datacenter Edition
http://secunia.com/product/1175/
Microsoft Windows 2000 Server
http://secunia.com/product/20/
Microsoft Windows 2000 Professional
http://secunia.com/product/1/
Microsoft Windows 2000 Datacenter Server
http://secunia.com/product/1177/
Microsoft Windows 2000 Advanced Server
http://secunia.com/product/21/

SOFTWARE:
Microsoft Exchange Server 2000
http://secunia.com/product/41/

DESCRIPTION:
A vulnerability has been reported in Microsoft Windows and Microsoft
Exchange 2000 Server, which can be exploited by malicious people to
compromise a vulnerable system.

The vulnerability is caused by a boundary error in the CDO
(Collaboration Data Objects) COM component. This can be exploited to
execute arbitrary code on a vulnerable system via a specially crafted
message delivered through SMTP.

SOLUTION:
Apply patches.

Microsoft Windows 2000 (requires SP 4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=AE0BA6D7-37AF-46E8-9E25-AB63883FA944

Microsoft Windows XP (requires SP 1 or SP 2):
http://www.microsoft.com/downloads/details.aspx?FamilyId=E0DAF2D1-656C-4580-94C1-8AB009B4AD4F

Microsoft Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=D389EF4D-583D-41C0-9081-844D348F3817

Microsoft Windows Server 2003 (with or without SP 1):
http://www.microsoft.com/downloads/details.aspx?FamilyId=1BC06799-B9F5-416F-8965-DC0E07A24A29

Microsoft Windows Server 2003 (Itanium) (with or without SP 1):
http://www.microsoft.com/downloads/details.aspx?FamilyId=956FFD90-60AF-4296-8765-F0A17A77DB77

Microsoft Windows Server 2003 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=5504C410-CDCB-4826-B002-DBA0E3A402A4

Microsoft Exchange 2000 Server (requires SP 3 and Post-SP 3 Update
Rollup of August 2004):
http://www.microsoft.com/downloads/details.aspx?FamilyId=60FD0DDC-04B7-4879-930B-53375823CD51

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Gary O’leary-Steele, Sec-1.

ORIGINAL ADVISORY:
MS05-048 (KB907245):
http://www.microsoft.com/technet/security/Bulletin/MS05-048.mspx

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------