Microsoft Office FlashPix Image Converter Dictionary property buffer overflow

2010-12-14T00:00:00
ID SAINT:63EA8CA0F5FD6175DEB9A1CDCD99E3B6
Type saint
Reporter SAINT Corporation
Modified 2010-12-14T00:00:00

Description

Added: 12/14/2010
CVE: CVE-2010-3951
BID: 45278
OSVDB: 69808

Background

Microsoft Office is a package that provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. The suite ships with a set of image processing helper libraries known as graphics filters that support various image formats including FlashPix (FPX).

Problem

A buffer overflow vulnerability in the way Microsoft Office handles FlashPix image files allows remote attackers to execute arbitrary code by enticing a user to insert a malicious FlashPix image file into an Office document.

Resolution

Apply the patches referenced in Microsoft Security Bulletin 10-105.

References

<http://secunia.com/advisories/35600/>

Limitations

Exploit works on Microsoft Office XP SP3 and requires the user to insert the FPX image file in a Word document.

Platforms

Windows XP