MOAUB #16 - Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : MOAUB #16 - Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability
# Published : 2010-09-16
# Author : Abysssec
# Previous Title : Kingsoft Antivirus <= 2010.04.26.648 Kernel Buffer Overflow Exploit
# Next Title : Chalk Creek Media Player 1.0.7 .mp3 and .wma Denial of Service Vulnerability

'''
  __  __  ____         _    _ ____  
 |  /  |/ __    /  | |  | |  _  
 |   / | |  | | /   | |  | | |_) |
 | |/| | |  | |/ / | |  | |  _ <  (day 16 binary anlysis)
 | |  | | |__| / ____  |__| | |_) |
 |_|  |_|____/_/    _____/|____/ 

'''

  Title               :  Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability
  Version             :  Excel 2002 SP3
  Analysis            :  http://www.abysssec.com
  Vendor              :  http://www.microsoft.com
  Impact              :  High
  Contact             :  shahin [at] abysssec.com , info  [at] abysssec.com
  Twitter             :  @abysssec
  CVE                 :  CVE-2010-1248

here is BA : http://www.exploit-db.com/maoub-16-microsoft-excel-hfpicture-record-parsing-remote-code-execution-vulnerability/
here is the PoC : http://www.exploit-db.com/sploits/HFPicture_PoC.rar