Microsoft Office is a package that provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. MS Office XP (2002) and MS Office 2000 use the Microsoft Windows GDI+ Application Programming Interface (API) to produce graphics and formatted text on both the video display and the printer instead of accessing graphics hardware directly.
A memory corruption vulnerability in the way MS Office handles malformed objects in Office Art Property Tables allows remote attackers to execute arbitrary code when a user opens a specially crafted Office document.
Apply the patches referenced in Microsoft Security Bulletin 09-062.
Exploit works on MS Office Word 2002 SP3.
User must open the exploit file in MS Office Word.
The CPAN modules IO::Uncompress and Compress::Zlib are required by this exploit in order to compress the data transfered from the exploit web server.