iDefense Security Advisory 03.09.10 - Remote exploitation of a type confusion vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability is a type confusion vulnerability that occurs when parsing several related Excel record types. In this case, the type confusion is due to multiple records containing fields that identify the type of an object shared between them. By controlling memory outside of the bounds of the allocated heap chunk, an attacker can control a C++ object pointer used in a virtual function call. This can result in an area of memory being treated as a different type of object than it actually is, resulting in access outside of the bounds of the allocated object. iDefense has confirmed the existence of this vulnerability in all currently supported versions of Excel (2007 SP1/SP2, 2003 SP3, XP SP3), and also the currently unsupported Excel 2000 SP3. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.
bc5319861ff9ff807a6e7bfce8180ecb
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed