Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: MS06-027: MS Word object pointer / Remote Code Execution - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS06-027: MS Word object pointer / Remote Code Execution
MS06-027 - KB 919637

Vulnerable: Word 2000 (including Word Viewer 2003) and better and Works 2000 and better
Not Vulnerable: Word for Mac

This is a remote code execution vulnerability that uses a malformed object pointer to corrupt system memory and can be used to execute arbitrary code.  If the user logged in has administrative privileges, the exploit will run with those same privileges and could take complete system control.

In order to successfully exploit this vulnerability, an attacker would have to persuade a user to open a malicious Word document, either through e-mail or a web page.  This vulnerability is marked critical and Microsoft Office users should apply the patch immediately.

It is possible to not log in with an administrator-level account, but that would not prevent "spyware" classes of attacks.

--
John Bambenek -- University of Illinois
John

248 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!