Bloodhound/Exploit.118

Bloodhound/Exploit.118 identifica con un método heurísitico la última vulnerabilidad reportada el 05 de Febrero del 2007, en la ejecución de códigos de Microsoft Word en todas sus versiones, incluyendo a Microsoft Internet Explorer for Unix SP2

La forma más empleada de propagación y ejecución de este exploit es a través mensajes de correo con documentos Word adjuntos. También se pueden usar otros servicios de Internet. 

El documento exprofesamente codificado contiene instrucciones para ocasionar desbordamientos de memoria y ejecución de códigos malignos en forma remota.

Infecta a Windows 95/98/Me/NT,2000/XP y Server 2003, que tengan instalado MS Word. Los ataques pueden ser realizados dentro de una Intarnet, Extranet o en forma remota por Internet. 

Sistemas afectados:

Microsoft Word 2000

• Microsoft Windows 95
• Microsoft Windows 98
• Microsoft Office 2000
• Microsoft Windows 2000 Professional SP2
• Microsoft Windows 2000 Professional SP1
• Microsoft Windows 2000 Professional
• Microsoft Windows NT 4.0 SP6a
• Microsoft Windows NT 4.0 SP6
• Microsoft Windows NT 4.0 SP5
• Microsoft Windows NT 4.0 SP4
• Microsoft Windows NT 4.0 SP3
• Microsoft Windows NT 4.0 SP2
• Microsoft Windows NT 4.0 SP1
• Microsoft Windows NT 4.0 

Microsoft Word 2000 SR1

• Microsoft Windows 95
• Microsoft Windows 98
• Microsoft Office 2000
• Microsoft Windows 2000 Professional SP2
• Microsoft Windows 2000 Professional SP1
• Microsoft Windows 2000 Professional
• Microsoft Windows NT 4.0 SP6a
• Microsoft Windows NT 4.0 SP6
• Microsoft Windows NT 4.0 SP5
• Microsoft Windows NT 4.0 SP4
• Microsoft Windows NT 4.0 SP3
• Microsoft Windows NT 4.0 SP2
• Microsoft Windows NT 4.0 SP1
• Microsoft Windows NT 4.0 

Microsoft Word 2000 SR1a

• Microsoft Windows 95
• Microsoft Windows 98
• Microsoft Office 2000
• Microsoft Windows 2000 Professional SP2
• Microsoft Windows 2000 Professional SP1
• Microsoft Windows 2000 Professional
• Microsoft Windows NT 4.0 SP6a
• Microsoft Windows NT 4.0 SP6
• Microsoft Windows NT 4.0 SP5
• Microsoft Windows NT 4.0 SP4
• Microsoft Windows NT 4.0 SP3
• Microsoft Windows NT 4.0 SP2
• Microsoft Windows NT 4.0 SP1
• Microsoft Windows NT 4.0

Microsoft Office 2000 SP1

• Microsoft Windows 2000 Professional SP2
• Microsoft Windows 2000 Professional SP1
• Microsoft Windows 2000 Professional
• Microsoft Windows Me
• Microsoft Windows NT Workstation 4.0 SP6a
• Microsoft Windows NT Workstation 4.0 SP6
• Microsoft Windows NT Workstation 4.0 SP5
• Microsoft Windows NT Workstation 4.0 SP4
• Microsoft Windows NT Workstation 4.0 SP3
• Microsoft Windows NT Workstation 4.0 SP2
• Microsoft Windows NT Workstation 4.0 SP1
• Microsoft Windows NT Workstation 4.0
• Microsoft Windows XP Home
• Microsoft Windows XP Professional 

Microsoft Word 2000 SP2

• Microsoft Windows 95
• Microsoft Windows 98
• Microsoft Office 2000
• Microsoft Windows 2000 Professional SP2
• Microsoft Windows 2000 Professional SP1
• Microsoft Windows 2000 Professional
• Microsoft Windows NT 4.0 SP6a
• Microsoft Windows NT 4.0 SP6
• Microsoft Windows NT 4.0 SP5
• Microsoft Windows NT 4.0 SP4
• Microsoft Windows NT 4.0 SP3
• Microsoft Windows NT 4.0 SP2
• Microsoft Windows NT 4.0 SP1
• Microsoft Windows NT 4.0

Microsoft Word 2000 SP3

• Microsoft Windows 98
• Microsoft Windows 98SE
• Microsoft Windows Me
• Microsoft Office 2000 SP3
• Microsoft Windows 2000 Professional SP3
• Microsoft Windows 2000 Professional SP2
• Microsoft Windows 2000 Professional SP1
• Microsoft Windows 2000 Professional
• Microsoft Windows NT Workstation 4.0 SP6a
• Microsoft Windows NT Workstation 4.0 SP6
• Microsoft Windows NT Workstation 4.0 SP5
• Microsoft Windows NT Workstation 4.0 SP4
• Microsoft Windows NT Workstation 4.0 SP3
• Microsoft Windows NT Workstation 4.0 SP2
• Microsoft Windows NT Workstation 4.0 SP1
• Microsoft Windows NT Workstation 4.0
• Microsoft Windows XP Home SP1
• Microsoft Windows XP Home
• Microsoft Windows XP Professional SP1
• Microsoft Windows XP Professional 

Microsoft Office 2003 SP2
Microsoft Office 2003 SP1
Microsoft Office 2000 SP3

• Microsoft Windows 98
• Microsoft Windows 98SE
• Microsoft Windows Me
• Microsoft Windows 2000 Professional SP3
• Microsoft Windows 2000 Professional SP2
• Microsoft Windows 2000 Professional SP1
• Microsoft Windows 2000 Professional
• Microsoft Windows NT Workstation 4.0 SP6a
• Microsoft Windows NT Workstation 4.0 SP6
• Microsoft Windows NT Workstation 4.0 SP5
• Microsoft Windows NT Workstation 4.0 SP4
• Microsoft Windows NT Workstation 4.0 SP3
• Microsoft Windows NT Workstation 4.0 SP2
• Microsoft Windows NT Workstation 4.0 SP1
• Microsoft Windows NT Workstation 4.0
• Microsoft Windows XP Home SP1
• Microsoft Windows XP Home
• Microsoft Windows XP Professional SP1
• Microsoft Windows XP Professional 

Microsoft Internet Explorer for Unix SP2

Las vulnerabilidades fueron reportadas por Common Vulnerabilities and Exposures de Cupertino, CA y SecurityFocus de Bedford, MA de los Estados Unidos:

• http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0515
• http://www.securityfocus.com/bid/22225