Microsoft Office PNG File Handling Buffer Overflow

Added: 06/18/2013
CVE: CVE-2013-1331
BID: 60408
OSVDB: 94127

Background

Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations.

Problem

An error in Microsoft Office 2003 SP3 for Windows when processing PNG files can be exploited to cause a buffer overflow via a specially crafted file. A remote attacker who persuades the user to open the crafted DOC file could execute arbitrary code in the context of the user running Microsoft Office.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 13-051.

References

http://technet.microsoft.com/en-us/security/bulletin/ms13-051
http://secunia.com/advisories/53747/

Limitations

This exploit has been tested against Microsoft Office 2003 SP3 on Windows XP SP3 English (DEP OptIn).

The user must save both the DOC and PNG files in the same folder, open the DOC file in the vulnerable Microsoft Office application, and press Alt+F9 to trigger the vulnerability.

Platforms

Windows XP

Back to exploit index