MOAUB #23 - Microsoft Excel HFPicture Record Parsing Memory Corruption (0day)

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : MOAUB #23 - Microsoft Excel HFPicture Record Parsing Memory Corruption (0day)
# Published : 2010-09-23
# Author : Abysssec
# Previous Title : MOAUB #24 - Microsoft MPEG Layer-3 Audio Decoder Division By Zero
# Next Title : BS.Player 2.56 (Build 1043) .m3u and .pls Denial of Service Vulnerability

'''
  __  __  ____         _    _ ____ 
 |  /  |/ __    /  | |  | |  _ 
 |   / | |  | | /   | |  | | |_) |
 | |/| | |  | |/ / | |  | |  _ <  (day 23 0day binary anlysis)
 | |  | | |__| / ____  |__| | |_) |
 |_|  |_|____/_/    _____/|____/

'''
 
  Title               :  Microsoft Excel HFPicture Record Parsing Memory Corruption (0day)
  Version             :  Excel 2002 SP3
  Analysis            :  http://www.abysssec.com
  Vendor              :  http://www.microsoft.com
  Impact              :  High
  Contact             :  shahin [at] abysssec.com , info  [at] abysssec.com
  Twitter             :  @abysssec
  CVE                 :  NO CVE
 
here is BA : http://www.exploit-db.com/moaub-23-microsoft-office-excel-2002-memory-corruption-vulnerability-0day/
here is the PoC : http://www.exploit-db.com/sploits/moaub-23-excel-poc.zip