Microsoft Office MSODataSourceControl ActiveX Control Buffer Overflow Vulnerability

TITLE: Microsoft Office MSODataSourceControl ActiveX Control Buffer Overflow Vulnerability
CLASS: Boundary Condition Error
CVE:
REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 13 2007 12:00AM
UPDATE: Jun 13 2007 12:00AM
CREDIT: YAG KOHHA is credited with the discovery of this issue.
VULNERABLE:

Microsoft Office 2003 SP3
Microsoft Office 2003 SP2
Microsoft Office 2003 SP1
Microsoft Office 2003 0
+ Microsoft Excel 2003
+ Microsoft FrontPage 2003
+ Microsoft InfoPath 2003
+ Microsoft OneNote 2003 0
+ Microsoft Outlook 2003 0
+ Microsoft PowerPoint 2003 0
+ Microsoft Publisher 2003
+ Microsoft Word 2003

NOT VULNERABLE:

Vai alla pagina originale su Security Focus

Discussion

Microsoft Office Microsoft Office MSODataSourceControl ActiveX Control is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.

Exploit

To exploit this issue, an attacker must entice an unsuspecting user to access a malicious webpage.

The following exploit code is available:

• /data/vulnerabilities/exploits/24462.html

Solution

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

References

References:

• Microsoft Knowledge Base article 240797 (Microsoft)
  
• Microsoft Office Product Homepage (Microsoft)
  

PhpLog