Memory corruption in Microsoft Server applications

#VU1387 Memory corruption in Microsoft Server applications

Published: 2016-12-19 | Updated: 2017-02-03

Vulnerability identifier: #VU1387

Vulnerability risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2009-2504

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Microsoft Forefront Client Security
Client/Desktop applications / Antivirus software/Personal firewalls
Microsoft Report Viewer
Client/Desktop applications / Office applications
Microsoft Works
Client/Desktop applications / Office applications
Microsoft Office
Client/Desktop applications / Office applications
Microsoft Project
Client/Desktop applications / Office applications
Microsoft Visio
Client/Desktop applications / Office applications
Word Viewer
Client/Desktop applications / Office applications
Excel Viewer
Client/Desktop applications / Office applications
Microsoft SQL Server
Server applications / Database software
Windows Server
Operating systems & Components / Operating system
Windows
Operating systems & Components / Operating system
Microsoft .NET Framework
Server applications / Frameworks for developing and running applications

Vendor: Microsoft

Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to integer overflow in APIs accessible from .NET Framework applications. A remote attacker can create a specially crafted ASP.NET or .NET Framework application, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Mitigation
Install update from vendor's website:

Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4:
https://www.microsoft.com/downloads/details.aspx?FamilyId=ecf78619-80fa-417d-852b-1b5b2cf574e2
Microsoft .NET Framework 2.0 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4:
https://www.microsoft.com/downloads/details.aspx?FamilyId=3e534aa8-29c2-4379-9f57-931a6ff47418
Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows 2000 Service Pack 4:
https://www.microsoft.com/downloads/details.aspx?familyid=e6f5e730-85cc-4c08-a50d-c456b1e9f5bc
Windows XP Service Pack 2 and Windows XP Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=e2acde20-a6d3-4135-b6eb-1214f743d474
Windows XP Professional x64 Edition Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=ad92503a-8c91-4d73-98b0-942d7961637d
Windows Server 2003 Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=414466a4-39a0-476d-9a43-ae7674cbd6a0
Windows Server 2003 x64 Edition Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=eb95e8d9-6ef5-4526-99d2-507e50de049b
Windows Server 2003 with SP2 for Itanium-based Systems:
https://www.microsoft.com/downloads/details.aspx?familyid=a678ceb9-a37a-4c29-8bd1-f209922990e5
Windows Vista and Windows Vista Service Pack 1:
https://www.microsoft.com/downloads/details.aspx?familyid=19aa01f3-026d-4264-85f8-216d0597969b
Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1:
https://www.microsoft.com/downloads/details.aspx?familyid=8f5f0c1d-1dd6-47fa-aef2-d3c96c8fc06e
Windows Server 2008 for 32-bit Systems:
https://www.microsoft.com/downloads/details.aspx?familyid=fd1694af-8873-43aa-9243-91f7cde452b7
Windows Server 2008 for x64-based Systems:
https://www.microsoft.com/downloads/details.aspx?familyid=41bc4cdb-273a-4a6e-80d9-c8ce20e32da9
Windows Server 2008 for Itanium-based Systems:
https://www.microsoft.com/downloads/details.aspx?familyid=a4f42085-1cb9-4b8d-a931-85be71fdf06d
Microsoft Office XP Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=b4ac7fbe-dd19-4940-a576-89a6b7ed602d
Microsoft Office 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=48752ab4-5928-476d-a8bc-e998d188b1f7
2007 Microsoft Office System Service Pack 1:
https://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec
2007 Microsoft Office System Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec
Microsoft Office Project 2002 Service Pack 1:
https://www.microsoft.com/downloads/details.aspx?familyid=b4ac7fbe-dd19-4940-a576-89a6b7ed602d
Microsoft Visio 2002 Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=920ee70b-c5c1-47b5-8f33-938ffe14eea4
Microsoft Word Viewer 2003 Service Pack 3 and Microsoft Office Excel Viewer 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=48752ab4-5928-476d-a8bc-e998d188b1f7
Microsoft Office Excel Viewer Service Pack 2, Microsoft Office Visio Viewer 2007 Service Pack 1, and Microsoft Office Visio Viewer 2007 Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec
Microsoft Office PowerPoint Viewer 2007 Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1:
https://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec
Microsoft Works 8.5:
https://www.microsoft.com/downloads/details.aspx?familyid=6f96de9a-62d8-428f-9567-51d55c129be6
SQL Server 2000 Reporting Services Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=33554f96-5af7-4683-a537-9db293b67b8d
SQL Server 2005 Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=d971a262-1dfb-498c-a4f3-59fdc1b85d23
https://www.microsoft.com/downloads/details.aspx?familyid=76d3d653-e9a0-48bc-afae-d3553f7b9235
SQL Server 2005 x64 Edition Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=d971a262-1dfb-498c-a4f3-59fdc1b85d23
https://www.microsoft.com/downloads/details.aspx?familyid=76d3d653-e9a0-48bc-afae-d3553f7b9235
SQL Server 2005 for Itanium-based Systems Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=d971a262-1dfb-498c-a4f3-59fdc1b85d23
https://www.microsoft.com/downloads/details.aspx?familyid=76d3d653-e9a0-48bc-afae-d3553f7b9235
SQL Server 2005 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=0d878f4b-71e8-4170-9a14-1bce684811ce
https://www.microsoft.com/downloads/details.aspx?familyid=e6f307c1-8b21-406e-9c6f-b1a3a1e9a98f
SQL Server 2005 x64 Edition Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=0d878f4b-71e8-4170-9a14-1bce684811ce
https://www.microsoft.com/downloads/details.aspx?familyid=e6f307c1-8b21-406e-9c6f-b1a3a1e9a98f
SQL Server 2005 for Itanium-based Systems Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=0d878f4b-71e8-4170-9a14-1bce684811ce
https://www.microsoft.com/downloads/details.aspx?familyid=e6f307c1-8b21-406e-9c6f-b1a3a1e9a98f
Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package:
https://www.microsoft.com/downloads/details.aspx?familyid=0dfaf300-2b53-4678-a779-0d805ddfe538
Microsoft Report Viewer 2008 Redistributable Package:
https://www.microsoft.com/downloads/details.aspx?familyid=42ed040f-cf94-4754-b0b3-c8016fbcbe22
Microsoft Report Viewer 2008 Redistributable Package Service Pack 1:
https://www.microsoft.com/downloads/details.aspx?familyid=6aaa74bd-a46e-4478-b4e1-2063d18d2d42
Microsoft Forefront Client Security 1.0 when installed on Microsoft Windows 2000 Service Pack 4:
https://www.microsoft.com/downloads/details.as

Vulnerable software versions

Microsoft Forefront Client Security: 1.0

Microsoft Report Viewer: 2005 - 2008

Microsoft SQL Server: 2000 8.0.194, 2005 9.0.1399

Microsoft Works: 8.5

Microsoft Office: 2007

Windows Server: 2003 - 2008

Windows: Vista, XP

Microsoft .NET Framework: 2.0, 1.1

Microsoft Project:

Microsoft Visio:

Word Viewer: 2003

Excel Viewer:

External links
http://technet.microsoft.com/en-us/library/security/ms09-062.aspx

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Microsoft Windows