=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2005/VULN377
_____________________________________________________________________

DATE                      : 15/06/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Microsoft Windows Interactive Training.

======================================================================

http://www.microsoft.com/technet/security/bulletin/MS05-031.mspx

MS05-031 - Vulnerability in Microsoft Windows Interactive Training Could
            Allow Remote Code Execution (898458)

   - Affected Software:
     - Windows 2000 Service Pack 3
     - Windows 2000 Service Pack 4
     - Windows XP Service Pack 1
     - Windows XP Service Pack 2
     - Windows XP 64-Bit Edition Service Pack 1 (Itanium)
     - Windows XP 64-Bit Edition Version 2003 (Itanium)
     - Windows XP Professional x64 Edition
     - Windows Server 2003
     - Windows Server 2003 for Itanium-based Systems
     - Windows Server 2003 with SP1 for Itanium-based Systems
     - Windows Server 2003 x64 Edition

     - Review the FAQ section of bulletin MS05-031 for information
       about these operating systems:
         - Windows 98
         - Windows 98 Second Edition (SE)
         - Windows Millennium Edition (ME)

     - Impact: Remote Code Execution
     - Version Number: 1.0


- From the Microsoft Security Bulletin MS05-031:

Vulnerability Details

Interactive Training Vulnerability - CAN-2005-1212

A remote code execution vulnerability exists in Step-by-Step Interactive
Training because of the way that Step-by-Step Interactive Training handles
bookmark link files. An attacker could exploit the vulnerability by
constructing a malicious bookmark link file that could potentially allow
remote code execution if a user visited a malicious Web site or opened a
malicious attachment that was provided in an e-mail message. An attacker who
successfully exploited this vulnerability could take complete control of an
affected system. However, user interaction is required to exploit this
vulnerability.

======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================