Skip to content
cyberexploits
doswindowstext

Microsoft Excel - WOPT Record Parsing Heap Memory Corruption

Microsoft Excel - WOPT Record Parsing Heap Memory Corruption

Publié le 2010-09-21

Code source

Épinglé au commit 7eac4c3a2ce5
textplatforms/windows/dos/15065.txt7eac4c3a
raw
'''

  __  __  ____         _    _ ____ 

 |  \/  |/ __ \   /\  | |  | |  _ \

 | \  / | |  | | /  \ | |  | | |_) |

 | |\/| | |  | |/ /\ \| |  | |  _ <  (day 21 binary analysis)

 | |  | | |__| / ____ \ |__| | |_) |

 |_|  |_|\____/_/    \_\____/|____/

 

'''

 

  Title               :  Microsoft Excel WOPT Record Parsing Heap Memory Corruption

  Version             :  Excel 2002 SP3

  Analysis            :  http://www.abysssec.com

  Vendor              :  http://www.microsoft.com

  Impact              :  High

  Contact             :  shahin [at] abysssec.com , info  [at] abysssec.com

  Twitter             :  @abysssec

  CVE                 :  CVE-2010-1248

 

here is BA : http://www.exploit-db.com/moaub-21-microsoft-excel-wopt-record-parsing-heap-memory-corruption/

here is the PoC : https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/15065.rar (moaub-21-exploit.rar)

Voir sur GitHub