OSVDB ID: 23903

Title: Microsoft Office Crafted Routing Slip Arbitrary Code Execution

Info

Disclosure
Mar 14, 2006

Discovery
Unknown

Dates

Exploit
Unknown

Solution
Unknown

Description

 A remote overflow exists in Microsoft Office 2000, Office XP (2002), and Office 2003. The Microsoft Word, Excel, PowerPoint, and Outlook applications fail to parse the routing slip metadata resulting in a buffer overflow. With a specially crafted document, an attacker can cause arbitrary code execution when a user closes a malicious document resulting in a loss of integrity.

Classification

 Location: Remote / Network Access, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Uncoordinated Disclosure, Discovered in the Wild

Solution

 Currently, there are no known workarounds or upgrades to correct this issue. However, the vendor has released a patch to address this vulnerability.

Products

Microsoft Corporation

Office

 2000 SP3
2003 SP1
2003 SP2
XP SP3

Excel

 2002 SP3
2003 SP1
2003 SP2
2000 SP3
2004 for Mac
v. X for Mac

FrontPage

 2002 SP3

Outlook

 2002 SP3
2003
2000 SP3

PowerPoint

 2002 SP3
2003
2000 SP3

Publisher

 2002 SP3

Word

 2002 SP3
2003
2000 SP3

Excel Viewer

 2000
2002
2003 SP1
2003 SP2

Works Suite

 2002
2001
2000
2003
2004
2005
2006

Multilingual User Interface Packs

 2002 SP3

MultiLanguage Packs

 2000 SP3

References

Credit
  • Ollie Whitehouse - ollie_whitehousesymantec.com - Symantec Corp.


Direct URL: http://osvdb.org/23903