=====================================================================
                                    CERT-Renater

                         Information Note No. 2006/VULN530
_____________________________________________________________________

DATE                      : 15/11/2006

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows 2000, Windows XP, Windows Server 2003
                               running Microsoft Agent.

======================================================================

MS06-068 - Vulnerability in Microsoft Agent Could Allow Remote Code Execution

Affected Software:
    - Microsoft Windows 2000 Service Pack 4
    - Microsoft Windows XP Service Pack 2
    - Microsoft Windows XP Professional x64 Edition
    - Microsoft Windows Server 2003
    - Microsoft Windows Server 2003 Service Pack 1
    - Microsoft Windows Server 2003 for Itanium-based Systems
    - Microsoft Windows Server 2003 with SP1
      for Itanium-based Systems
    - Microsoft Windows Server 2003 x64 Edition

Full MS06-068 advisory:
    - http://www.microsoft.com/technet/security/Bulletin/MS06-068.mspx

Vulnerability Details

Microsoft Agent Memory Corruption Vulnerability:
CVE-2006-3445

   There is a remote code execution vulnerability in the way that Microsoft
   Agent handles specially crafted .ACF files. An attacker could exploit the
   vulnerability by constructing a specially crafted Web page that could
   potentially allow remote code execution if a user viewed the Web page. An
   attacker who successfully exploited this vulnerability could take
   complete control of an affected system.

======================================================================

           =========================================================
           CERT-Renater reference servers
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================



