(0day) Microsoft Office Excel Office Art Object Parsing Remote Code Execution Vulnerability

ID ZDI-11-041
Type zdi
Reporter Anonymous
Modified 2011-11-09T00:00:00


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the way the application parses an Office Art record within a Microsoft Excel Document. Specifically, when parsing an office art object record, if an error occurs, the application will add a stray reference to an element which is part of a linked list. When receiving a window message, the application will proceed to navigate this linked list. This will access a method from the malformed object which can lead to code execution under the context of the application.