MS10-087: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930)
High Nessus Plugin ID 50528
SynopsisArbitrary code can be executed on the remote host through Microsoft Office.
DescriptionThe remote Windows host is running a version of Microsoft Office that is affected by several vulnerabilities :
- An integer underflow exists in the way the application parses the PowerPoint file format, which could lead to heap corruption and allow for arbitrary code execution when opening a specially crafted PowerPoint file.
- A stack-based buffer overflow can be triggered when parsing specially crafted RTF files, leading to arbitrary code execution. (CVE-2010-3333)
- A memory corruption vulnerability exists in the way the application parses specially crafted Office files containing Office Art Drawing records. (CVE-2010-3334)
- A memory corruption vulnerability exists in the way drawing exceptions are handled when opening specially crafted Office files. (CVE-2010-3335)
- A memory corruption vulnerability exists in the way the application parses specially crafted Office files.
- A DLL preloading (aka binary planting) vulnerability exists because the application insecurely looks in its current working directory when resolving DLL dependencies. (CVE-2010-3337)
SolutionMicrosoft has released a set of patches for Office XP, 2003, 2007, and 2010.