|
|
|
|
| |
"InfoPath 2003 allow you to gather information flexibly and efficiently in rich, dynamic forms and more effectively share, reuse, and repurpose information throughout your team or organization."
Microsoft Office InfoPath 2003 will stop responding when an attacker repeatedly clicks the Delete command button to delete sections in a repeating section table on a form. |
| |
Credit:
The information has been provided by Juha-Matti Laurio.
The vendor advisory can be found at: http://support.microsoft.com/kb/908233/
The hotfix advisory can be found at: http://www.securiteam.com/windowsntfocus/6E00B15EUG.html
|
| |
Vulnerable Systems:
* Microsoft Windows Server 2003, Standard Edition (32-bit x86)
* Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
* Microsoft Windows Server 2003, Web Edition
* Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
* Microsoft Internet Explorer (Programming) 6.0
* Microsoft Internet Explorer 6.0
* Microsoft Windows XP Professional
* Microsoft Windows XP Home Edition
The vulnerability is caused due to a design error when repeatedly clicking the 'Delete' button to delete sections in a repeating section table on a form. This causes a Denial of Service (DoS) state (application crash). It is possible that OS generates the following alert:
"Microsoft InfoPath has encountered a problem and needs to close. We are sorry for the inconvenience."
It is needed to restart the application to continue using InfoPath 2003.
Mshtml.dll shared library experiences an access violation when button-focus events are being processed at the same time that the document that hosts the buttons reloads. Additionally, this is due to fact that InfoPath 2003 uses Mshtml.dll component to display a form.
Normally this problem occurs when a form that has several command buttons is used.
Vendor Status:
The vendor has issued a fix with the release of Microsoft Security Bulletin MS05-054
|
|
|
|
|
