AOH :: HP Unsorted F :: C07-2480.HTM

Few unreported vulnerabilities by SehaTo



Few unreported vulnerabilities by SehaTo
Few unreported vulnerabilities by SehaTo



Hello lists,

 SehaTo  (sehato at yandex ru) reported few vulnerabilities in different
 Windows  applications.  Original  messages (in Russian) may be found at
http://securityvulns.com/source16446.html 

 1. Microsoft Windows Explorer corrupted WMF vulnerability
http://securityvulns.com/news/Microsoft/Windows/Explorer/DoS.html 

 Windows   explorer  (explorer.exe)  crashes  on  browsing  folder  with
 corrupted WMF files.

 SecurityVulns  note:  from  the very fast debugging results analysis on
 Windows  XP  SP2, there is potential code execution possibility (memory
 corruption),  because  attacker-controllable  data  is used to contruct
 both  read  and write memory addresses. Deeper research of exploitation
 possibility was not performed.

 2. IfranView / Microsoft Office 2003 malformed WMF crash
http://securityvulns.com/news/IrfanView/WMF/DoS.html 

 IfranView  crashes  on  attempt to view malformed WMF, Microsoft Office
 crashes on attempt to insert corrupted WMF file.

 SecurityVulns note: because of relatively low impact, SecurityVulns did
 no research on this vulnerability.

 3. 2 different Microsoft Excel DoS conditions
http://securityvulns.com/news/Microsoft/Excel/XML/DoS.html 

 2 different crashes in Microsoft Excel on parsing .XLS files (corrupted
 XML and corrupted XLS formats).

 SecurityVulns  note: vulnerabilities confirmed on Microsoft Excel 2003.
 Both   vulnerabilities  are  of  NULL-pointer  dereference  type.  Code
 execution is probably impossible.

-- 
/3APA3A
http://securityvulns.com/ 


The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.