Microsoft Windows Drive Restriction Group Policy Bypass

2005-02-23T15:31:08
ID OSVDB:14182
Type osvdb
Reporter Sonny Discini(sonny.discini@montgomerycountymd.gov)
Modified 2005-02-23T15:31:08

Description

Vulnerability Description

Microsoft Windows contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when using the browse feature in Microsoft Office applications or using a flash drive, which will disclose restricted drive contents resulting in a loss of confidentiality.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch (Microsoft Office Service Pack 3) to address this vulnerability.

Short Description

Microsoft Windows contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when using the browse feature in Microsoft Office applications or using a flash drive, which will disclose restricted drive contents resulting in a loss of confidentiality.

References:

Vendor URL: http://www.microsoft.com/ Vendor Specific Advisory URL Security Tracker: 1013284 Other Advisory URL: http://www.securiteam.com/windowsntfocus/5UP0M15EUW.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-02/0420.html ISS X-Force ID: 19461 CVE-2005-0545 Bugtraq ID: 12641