Application Security Assessment - PowerPoint PPT Presentation
1
Application Security Assessment
  • By Amita Kohli

2
Application Security Assessment
  • Adobe Reader/Acrobat
  • MS Office
  • PowerPoint
  • Word
  • Excel
  • Web Based Application

3
Adobe Reader
  • Vulnerabilities in 6.0-6.0.2
  • Adobe Reader 6.0.3 updates
  • These updates address issues such as:
  • Preventing the playback of malicious content
    present in Macromedia Flash media embedded in a
    PDF file.
  • A vulnerability in the PNG library that can be
    exploited with malformed PNG files.
  • The eBook plug-in's handling of ETD files during
    digital edition transactions

4
Malicious playback (Acrobat 6.0-6.0.2, Adobe
Reader 6.0-6.0.2)
  • The issue applies to the following file formats
    and Acrobat products:
  • -- Flash files embedded within a PDF document
  • -- Flash files embedded in a QuickTime movie that
    is then embedded in a PDF document
  • -- Adobe Acrobat 6.0-6.0.2 (Professional,
    Standard, and Elements)
  • Note: The issue does not apply to the playback of
    embedded Adobe Atmosphere or Windows Media Player
    content inside a PDF document, nor does it affect
    Flash content played directly within a web
    browser. This issue also does not apply to Adobe
    Acrobat 5.x or Acrobat Reader 5.x.

5
Vulnerabilities in 6.0-6.0.2
  • Solutions:
  • Install the update.
  • Upgrade to Acrobat 7.0 or Acrobat Reader 7.0.
  • Modify the multimedia permission settings for
    Macromedia Flash Player and QuickTime.

6
Vulnerability in the PNG library that can be
exploited with malformed PNG files
  • CVE-2004-0597
  • Description: Allows remote attackers to execute
    arbitrary code via malformed PNG images in which
    (1) the png_handle_tRNS function does not
    properly validate the length of transparency
    chunk (tRNS) data, or (2) the png_handle_hIST
    function does not perform sufficient bounds
    checking.
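The two libpng defects named above share one shape: a chunk's declared length is trusted and copied into a fixed-size table without being checked against what the image's colour type and palette actually permit. The following C program is an added illustration, not Adobe's or libpng's code: a minimal PNG chunk reader whose `handle_tRNS` and `handle_hIST` perform exactly the length checks the CVE description says were missing, run over two constructed chunk streams (a well-formed palette image and one whose tRNS chunk claims 300 bytes for a two-entry palette). Chunk names and size limits follow the PNG specification; the chunk-building helper and the sample streams are constructed for this example, and CRCs are deliberately not verified.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Added illustration (not Adobe's or libpng's code): length checks of the
 * kind CVE-2004-0597 says png_handle_tRNS and png_handle_hIST lacked. */
enum { PNG_GRAY = 0, PNG_RGB = 2, PNG_PALETTE = 3 };
enum { PNG_OK = 0, PNG_BAD_LENGTH = -1, PNG_BAD_ORDER = -2, PNG_TRUNCATED = -3 };
#define PNG_MAX_PALETTE 256

typedef struct {
    int colour_type;
    size_t palette_entries;            /* set by PLTE, 0 until then */
    uint8_t  trans[PNG_MAX_PALETTE];   /* fixed tables: the overflow targets */
    uint16_t hist[PNG_MAX_PALETTE];
} png_state;

/* tRNS: the permitted length depends on the colour type; check it before
 * copying into the fixed table. */
int handle_tRNS(png_state *st, const uint8_t *data, size_t length)
{
    switch (st->colour_type) {
    case PNG_GRAY:    if (length != 2) return PNG_BAD_LENGTH; break;
    case PNG_RGB:     if (length != 6) return PNG_BAD_LENGTH; break;
    case PNG_PALETTE:
        if (st->palette_entries == 0) return PNG_BAD_ORDER;   /* PLTE must precede */
        if (length == 0 || length > st->palette_entries) return PNG_BAD_LENGTH;
        break;
    default:          return PNG_BAD_LENGTH;   /* alpha colour types carry no tRNS */
    }
    memcpy(st->trans, data, length);   /* length <= palette_entries <= 256 here */
    return PNG_OK;
}

/* hIST: exactly one 16-bit frequency per palette entry. */
int handle_hIST(png_state *st, const uint8_t *data, size_t length)
{
    if (st->palette_entries == 0) return PNG_BAD_ORDER;
    if (length != 2 * st->palette_entries) return PNG_BAD_LENGTH;
    for (size_t i = 0; i < st->palette_entries; i++)
        st->hist[i] = (uint16_t)((data[2 * i] << 8) | data[2 * i + 1]);
    return PNG_OK;
}

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Walk a chunk stream (length, type, data, crc; the 8-byte file signature
 * already stripped) and dispatch the chunks this example cares about. */
int scan_png_chunks(const uint8_t *buf, size_t len, png_state *st)
{
    size_t pos = 0;
    memset(st, 0, sizeof *st);
    while (pos + 12 <= len) {
        uint32_t clen = be32(buf + pos);
        const uint8_t *type = buf + pos + 4, *data = buf + pos + 8;
        int rc = PNG_OK;
        if (clen > len - pos - 12) return PNG_TRUNCATED;   /* declared length runs past file end */
        if (!memcmp(type, "IHDR", 4)) {
            if (clen != 13) return PNG_BAD_LENGTH;
            st->colour_type = data[9];
        } else if (!memcmp(type, "PLTE", 4)) {
            if (clen == 0 || clen % 3 || clen / 3 > PNG_MAX_PALETTE) return PNG_BAD_LENGTH;
            st->palette_entries = clen / 3;
        } else if (!memcmp(type, "tRNS", 4)) rc = handle_tRNS(st, data, clen);
        else if (!memcmp(type, "hIST", 4))   rc = handle_hIST(st, data, clen);
        else if (!memcmp(type, "IEND", 4))   return PNG_OK;
        if (rc != PNG_OK) return rc;
        pos += 12 + clen;
    }
    return PNG_TRUNCATED;   /* ran out of bytes before IEND */
}

/* --- constructed sample streams (not real files) --- */
static size_t put_chunk(uint8_t *out, const char *type, const uint8_t *data, uint32_t len)
{
    out[0] = (uint8_t)(len >> 24); out[1] = (uint8_t)(len >> 16);
    out[2] = (uint8_t)(len >> 8);  out[3] = (uint8_t)len;
    memcpy(out + 4, type, 4);
    memcpy(out + 8, data, len);
    memset(out + 8 + len, 0, 4);   /* CRC placeholder; not checked above */
    return 12 + len;
}
static const uint8_t ihdr_pal[13] = {0,0,0,2, 0,0,0,2, 8, PNG_PALETTE, 0,0,0};
static const uint8_t plte2[6] = {255,0,0, 0,0,255};   /* two palette entries */
static const uint8_t big[300];                          /* 300 zero bytes */

/* Well-formed: 2-entry palette, 2-byte tRNS, 4-byte hIST, IEND. */
int check_benign_sample(void)
{
    static uint8_t buf[128]; size_t n = 0; png_state st;
    n += put_chunk(buf + n, "IHDR", ihdr_pal, 13);
    n += put_chunk(buf + n, "PLTE", plte2, 6);
    n += put_chunk(buf + n, "tRNS", big, 2);
    n += put_chunk(buf + n, "hIST", big, 4);
    n += put_chunk(buf + n, "IEND", big, 0);
    return scan_png_chunks(buf, n, &st);
}

/* Malformed: tRNS claims 300 bytes for a 2-entry palette, more than the
 * 256-byte table could ever hold; the check rejects it before any copy. */
int check_oversized_trns_sample(void)
{
    static uint8_t buf[512]; size_t n = 0; png_state st;
    n += put_chunk(buf + n, "IHDR", ihdr_pal, 13);
    n += put_chunk(buf + n, "PLTE", plte2, 6);
    n += put_chunk(buf + n, "tRNS", big, 300);
    return scan_png_chunks(buf, n, &st);
}
```

The important design point is the order of operations: the length is validated against the colour type and the palette size already parsed, and only then is the data copied. The `clen > len - pos - 12` test guards the other direction, a declared length longer than the bytes actually present, so a truncated file cannot make the handlers read past the buffer either.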

7
eBook plug-in working with ETD files during digital
edition transactions
  • Name: CVE-2004-1153
  • Description: Format string vulnerability in
    Adobe Acrobat Reader 6.0.0 through 6.0.2 allows
    remote attackers to cause a denial of service
    (application crash) and possibly execute
    arbitrary code via an .ETD document containing
    format string specifiers in the (1) title or (2)
    baseurl fields.
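A format string vulnerability of this kind arises when a field read from the document is passed to a printf-family function as the format argument itself rather than as data. The C program below is an added illustration, not Adobe's code and not the eBook plug-in's: a hypothetical `log_title` routine shown in its vulnerable form (as a comment, so the file compiles cleanly) and in its hardened form, plus a small check that flags a field containing conversion directives. The hostile title string is a constructed sample.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Added illustration (not Adobe's code) of the defect class CVE-2004-1153
 * describes: a document field used as a printf-family format string.
 * The field names (title, baseurl) come from the CVE text; the logging
 * routine is hypothetical. */

/* Vulnerable form, kept as a comment for contrast: the title *is* the
 * format string, so directives inside it are interpreted by snprintf.
 *
 *   int log_title_vulnerable(char *out, size_t outlen, const char *title)
 *   {
 *       return snprintf(out, outlen, title);
 *   }
 */

/* Hardened form: the format string is a literal and the field is an argument,
 * so any '%' sequences in the field are copied verbatim. */
int log_title_safe(char *out, size_t outlen, const char *title)
{
    return snprintf(out, outlen, "eBook title: %s", title);
}

/* Defensive check for a field that should never contain conversion
 * directives: flag any '%' not immediately followed by another '%'. */
bool field_has_format_directive(const char *s)
{
    for (const char *p = s; *p; p++) {
        if (*p != '%') continue;
        if (p[1] == '%') { p++; continue; }   /* literal percent sign */
        return true;
    }
    return false;
}

/* Run the hardened form on a constructed hostile title and confirm the
 * directives survive as plain text instead of being interpreted. */
int safe_form_preserves_input(void)
{
    static char buf[128];
    const char *hostile = "%x%x%x%n";   /* constructed sample field */
    log_title_safe(buf, sizeof buf, hostile);
    return strcmp(buf, "eBook title: %x%x%x%n") == 0;
}
```

The fix is the literal format string; `field_has_format_directive` is a secondary, input-side check useful when a parser wants to reject or log suspicious title or baseurl values before they reach any formatting code.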

8
MS Office
  • Microsoft PowerPoint
  • Malformed Record Vulnerability
  • Results: Memory corruption error.
  • Impact: Execution of arbitrary code.
  • Solution: Apply patches.
  • Microsoft Word
  • Macro Name Buffer Overflow Vulnerability
  • Results: Boundary error when handling macro
    names that are too long.
  • Impact: Execution of arbitrary code.
  • Solution: Don't open documents from untrusted
    sources; apply patches.

9
MS Office
  • Microsoft Excel
  • Buffer Overflow Vulnerability
  • Results: A boundary error when handling Excel
    files that can be exploited to cause a
    stack-based buffer overflow.
  • Impact: Execution of arbitrary code.
  • Solution: Apply patches.
  • Web Based Application
  • A JavaScript worm that takes advantage of an
    unpatched vulnerability in Yahoo's web mail
    service has been discovered on the net.

10
Conclusion
  • It is important to understand how applications
    handle business critical data and how that data
    is protected.