[14210] in bugtraq
Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity
daemon@ATHENA.MIT.EDU (Dustin Miller)
Wed Mar 8 05:46:51 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <NNEAJNECJHKMLGIALPHDOEKMCDAA.dmiller@wfdevelopment.com>
Date: Tue, 7 Mar 2000 20:56:28 -0600
Reply-To: Dustin Miller <dmiller@WFDEVELOPMENT.COM>
From: Dustin Miller <dmiller@WFDEVELOPMENT.COM>
X-To: Weld Pond <weld@L0PHT.COM>, BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.BSO.4.21.0003070906220.2753-100000@0nus.l0pht.com>
This bug does not seem to affect Windows Millennium Edition Build 2476,
oddly enough. I do have Office 2000 Professional installed (retail
version), and CAG alarms with an error, but no key was created.
-----Original Message-----
<SNIP>
Advisory Name: ClipArt Gallery Overflow
Advisory Released: 03/06/00
Application: Microsoft Office 2000
Severity: An attacker can seize control of a Windows 95, 98,NT,
or 2000 machine via any HTML source, including
Microsoft Outlook e-mail.
Status: Vendor patch available, workaround available
Author: dildog@l0pht.com
WWW: http://www.l0pht.com/advisories.html
</SNIP>
