Hello lists,
SehaTo (sehato at yandex ru) reported few vulnerabilities in different
Windows applications. Original messages (in Russian) may be found at
http://securityvulns.com/source16446.html
Windows explorer (explorer.exe) crashes on browsing folder with
corrupted WMF files.
SecurityVulns note: from the very fast debugging results analysis on
Windows XP SP2, there is potential code execution possibility (memory
corruption), because attacker-controllable data is used to contruct
both read and write memory addresses. Deeper research of exploitation
possibility was not performed.
IfranView crashes on attempt to view malformed WMF, Microsoft Office
crashes on attempt to insert corrupted WMF file.
SecurityVulns note: because of relatively low impact, SecurityVulns did
no research on this vulnerability.
2 different crashes in Microsoft Excel on parsing .XLS files (corrupted
XML and corrupted XLS formats).
SecurityVulns note: vulnerabilities confirmed on Microsoft Excel 2003.
Both vulnerabilities are of NULL-pointer dereference type. Code
execution is probably impossible.
–
/3APA3A
http://securityvulns.com/