SAINT Corporation
SAINT:3B5E38EB729C86F8F0701E85956563A5
Aug 12, 2010 - 12:00 a.m.

Microsoft Office Word RTF Parsing Engine Memory Corruption

2010-08-12 00:00:00
SAINT Corporation
my.saintcorporation.com

CVSS2: 9.3 High
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.944 High
Percentile: 99.2%

Added: 08/12/2010
CVE: CVE-2010-1901
BID: 42132
OSVDB: 66995

Background

Microsoft Office Word is Microsoft's word processing software, released as a component of the Microsoft Office suite.

Problem

Microsoft Office Word does not perform sufficient data validation when handling rich text data. When Word opens and parses a specially crafted RTF e-mail message or file, it may corrupt memory in such a way that an attacker could execute arbitrary code.

Resolution

Install the patch referenced in Microsoft Security Bulletin 10-056.

References

<http://www.microsoft.com/technet/security/bulletin/MS10-056.mspx>

Limitations

Exploit works on Microsoft Office Word 2003 SP3.

This exploit requires the Compress-Zlib Perl module from CPAN.

This exploit is not 100% reliable since the exploit script relies on a heap memory address that is not always fixed.

Platforms

Windows
