Microsoft Office WPG Image File Heap Corruption Vulnerability

Overview

» IDS/IPS Signatures

Security Sites

iPolicy Networks Security Advisory


Date Discovered:	08/12/2008
Severity:	High
Applications Affected:	Microsoft Office 2000 SP3 Microsoft Office XP SP3 Microsoft Office 2003 SP2 Microsoft Office Project 2002 SP1 Microsoft Office Converter Pack Microsoft Works 8

Synopsis

Microsoft Office is prone to a WPG Image File Heap Corruption Vulnerability. This vulnerability exists in the way that Microsoft Office handles a WordPerfect Graphics (WPG) format image file. The vulnerability could be exploited when Microsoft Office opens a specially crafted WPG-format image file or a WordPerfect document file with a malformed WPG image embedded.

Recommended Actions

Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/bulletin/ms08-044.mspx

Threat Analysis

When Microsoft Office opens a specially crafted WPG image file, it may corrupt system memory in such a way that an attacker could execute arbitrary code. Such a file might be included in an e-mail attachment or hosted on a malicious Web site.

When Microsoft Office opens a specially crafted WPG image file, it may corrupt system memory in such a way that an attacker could execute arbitrary code. An attacker who successfully exploited this vulnerability could take complete control of the affected system.

References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3460

Write-up by: Aditya Chaturvedi

Security Sites

“iPolicy is one of the most visionary firewall vendors in the firewall Magic Quadrant. Its architecture of a central session processing engine and multiple content blades that are able to block based on signatures, rules and so on is the closest to the network security ideal.”

Greg Young, John Pescatore
Magic Quadrant for Network Firewalls, 2H04, Gartner

| | | | | | | | |