Tuesday, August 12, 2008

Microsoft Finally Fixes Two Year Old File Format Heap Vuln in Office

http://www.zerodayinitiative.com/advisories/ZDI-08-049/

Vulnerability Details

A potential vulnerability exists in the Microsoft Office Suite. The issue is a result of insufficient bounds checking on the content of PICT files embedded into documents. Successful exploitation of this issue enables an attacker to remotely execute arbitrary code on a target system. User interaction would be required, as an attacker would have to convince the target user to open a malformed file.

One of the filter DLLs for processing image files in Microsoft Office suffers from a potentially-exploitable memory corruption condition when processing .PICT images. An invalid value in the bits_per_pixel field (offset 0x257) causes heap corruption. Different values of this field result in distinctly different types of corruption. Internally, the issue was only reproducible when the malformed image was directly inserted into an Office document by the target user.

Vendor Response

Microsoft has issued an update to correct this vulnerability. More details can be found at:

Disclosure Timeline

2006-09-14 - Vulnerability reported to vendor
2008-08-12 - Coordinated public release of advisory

------------------------------------

That's just about 693 days folks....yeah, really.

Thanks to Nummish for the twitter heads up.
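The advisory above attributes the heap corruption to insufficient bounds checking on the bits_per_pixel field at file offset 0x257. The following C routine is an added example, not ZDI's or Microsoft's code: it assumes the field is a big-endian 16-bit QuickDraw pixelSize and that only the standard depths 1, 2, 4, 8, 16 and 32 are legal, rejects any other value before it reaches size arithmetic, and refuses pixmap sizes that would wrap during multiplication. The sample file builder is constructed for the demonstration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdbool.h>

#define PICT_BPP_OFFSET 0x257   /* field offset named in the advisory */

typedef enum { PICT_OK = 0, PICT_TRUNCATED, PICT_BAD_BPP, PICT_SIZE_OVERFLOW } pict_status;

/* QuickDraw structures are big-endian; treating the field as 16 bits is an assumption. */
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Depths a QuickDraw pixmap can legitimately carry (assumed set); anything else is rejected
   outright instead of being used to size a heap buffer or drive a copy loop. */
static bool valid_bpp(uint16_t bpp) {
    return bpp == 1 || bpp == 2 || bpp == 4 || bpp == 8 || bpp == 16 || bpp == 32;
}

/* Validates the depth field and computes the byte size a decoder would need for
   width x height pixels. Returns a status instead of a size so that a caller never
   allocates from an unchecked value: a buffer sized from one depth and written from
   another is exactly the kind of mismatch that corrupts the heap. */
pict_status pict_check_pixmap(const uint8_t *file, size_t len,
                              uint32_t width, uint32_t height, size_t *out_size) {
    if (len < PICT_BPP_OFFSET + 2) return PICT_TRUNCATED;
    uint16_t bpp = be16(file + PICT_BPP_OFFSET);
    if (!valid_bpp(bpp)) return PICT_BAD_BPP;

    /* bytes per row, rounded up to whole bytes; width*bpp fits in 64 bits (2^32 * 32) */
    uint64_t row = ((uint64_t)width * bpp + 7) / 8;
    /* row * height can exceed 64 bits, so check before multiplying */
    if (height != 0 && row > UINT64_MAX / height) return PICT_SIZE_OVERFLOW;
    uint64_t total = row * (uint64_t)height;
    if (total > SIZE_MAX) return PICT_SIZE_OVERFLOW;   /* matters on 32-bit targets */

    *out_size = (size_t)total;
    return PICT_OK;
}

/* Constructed sample: a zero-filled buffer with only the depth field set, enough to
   exercise the check; it is not a valid PICT image. */
void make_sample_pict(uint8_t *buf, size_t len, uint16_t bpp) {
    memset(buf, 0, len);
    if (len >= PICT_BPP_OFFSET + 2) {
        buf[PICT_BPP_OFFSET]     = (uint8_t)(bpp >> 8);
        buf[PICT_BPP_OFFSET + 1] = (uint8_t)(bpp & 0xFF);
    }
}
```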
