Bugtraq mailing list archives
RE: More Office XP problems
From: psz () maths usyd edu au (Paul Szabo)
Date: Mon, 8 Apr 2002 06:46:49 +1000 (EST)
Kevin Brown kevin () kbrownfox net wrote:
RTF is a benign file format and does not support scripting or embedded HTML tags.
It does macros, and may cause exploitable buffer overflows in viewers.
You must have the MS security patches
RTF document linked to template can run macros without warning:
http://www.microsoft.com/technet/security/bulletin/ms01-028.asp
Malformed RTF Control Word:
http://www.microsoft.com/technet/security/bulletin/ms00-005.asp
installed.
Cheers,
Paul Szabo - psz () maths usyd edu au http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics University of Sydney 2006 Australia
Current thread:
- RE: More Office XP problems Ben Schorr (Apr 03)
- Re: More Office XP problems Georgi Guninski (Apr 04)
- RE: More Office XP problems Leonard Chung (Apr 05)
- RE: More Office XP problems Paul Schmehl (Apr 05)
- RE: More Office XP problems Kevin Brown (Apr 05)
- RE: More Office XP problems Mary Landesman (Apr 08)
- RE: More Office XP problems Leonard Chung (Apr 05)
- Re: More Office XP problems Georgi Guninski (Apr 04)
- <Possible follow-ups>
- RE: More Office XP problems Paul Szabo (Apr 08)