=====================================================================
                                    CERT-Renater

                         Note d'Information No. 2011/VULN329
_____________________________________________________________________

DATE                      : 13/04/2011

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Microsoft Visual Studio,
                               Microsoft Visual Studio .NET, Microsoft Visual C++.

======================================================================
KB2500212
http://www.microsoft.com/technet/security/Bulletin/MS11-025.mspx
______________________________________________________________________

Microsoft Security Bulletin MS11-025 - Important
Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote
Code Execution (2500212)
Version: 1.0

General Information

Executive Summary

This security update resolves a publicly disclosed vulnerability in certain
applications built using the Microsoft Foundation Class (MFC) Library. The
vulnerability could allow remote code execution if a user opens a legitimate
file associated with such an affected application, and the file is located in
the same network folder as a specially crafted library file. For an attack to
be successful, a user must visit an untrusted remote file system location or
WebDAV share and open a document from this location that is then loaded by the
affected application.

This security update is rated Important for all supported editions of Microsoft
Visual Studio and Microsoft Visual C++ Redistributable Package. For more
information, see the subsection, Affected and Non-Affected Software, in this
section.

Affected Software

Microsoft Visual Studio .NET 2003 Service Pack 1
Microsoft Visual Studio 2005 Service Pack 1
Microsoft Visual Studio 2008 Service Pack 1
Microsoft Visual Studio 2010
Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package
Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package
Microsoft Visual C++ 2010 Redistributable Package

Vulnerability Information

MFC Insecure Library Loading Vulnerability - CVE-2010-3190

A remote code execution vulnerability exists in the way that certain
applications built Microsoft Foundation Classes (MFC) handle the loading of
DLL files. An attacker who successfully exploited this vulnerability could
take complete control of an affected system. An attacker could then install
programs; view, change, or delete data; or create new accounts with full user
rights. Users whose accounts are configured to have fewer user rights on the
system could be less impacted than users who operate with administrative user
rights.


======================================================================

           =========================================================
           Les serveurs de référence du CERT-Renater
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================