jetlib.sec » Packet Storm Security Misc. Files » Microsoft Office MSO Size Handling Integer Overflow

Feeds

267703 items (580 unread) in 27 feeds

• 0day.today (was: 1337day, Inj3ct0r, 1337db) (573 unread)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines (7 unread)
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Packet Storm Security Misc. Files

• April 14, 2011
• 

  Microsoft Office MSO Size Handling Integer Overflow

  Posted: April 14th, 2011, 8:56am PDT

  Tags:  office vulnerability microsoft microsoft-office-xp office-xp-service-pack office-xp-service-pack-3  

  The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office. The vulnerability is caused by an integer overflow error in the MSO component when parsing certain values within an Office document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a malformed Office file (e.g. Word). Microsoft Office XP Service Pack 3 is affected.