SAINT Corporation SAINT:30732D71D6C544B9948CD78860737CE7
Aug 14, 2009 - 12:00 a.m.

Microsoft Office Web Components OWC.Spreadsheet.9 HTMLURL property overflow

my.saintcorporation.com

CVSS2: 9.3 High
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.96 High
Percentile: 99.4%

Added: 08/14/2009
CVE: CVE-2009-1534
BID: 35992
OSVDB: 56916

Background

Microsoft Office Web Components (OWC) are a group of OLE classes implemented as ActiveX controls.

Problem

A buffer overflow vulnerability in the **OWC.Spreadsheet.9** ActiveX control allows command execution when a user loads a web page which instantiates this control and assigns a long string value to the object’s HTMLURL parameter.

Resolution

Apply the update referenced in Microsoft Security Bulletin 09-043.

References

<http://www.microsoft.com/technet/security/bulletin/MS09-043.mspx>

Limitations

Exploit works on Microsoft Office XP SP3 on Windows XP SP3 English with DEP enabled and requires a user to load the exploit page in Internet Explorer 6 or 7.

Platforms

Windows XP
