Microsoft Office Web Components DataSourceControl ActiveX Control memory allocation

Added: 08/27/2009
CVE: CVE-2009-0562
BID: 35990
OSVDB: 56914

Background

Microsoft Office Web Components (OWC) are a group of OLE classes implemented as ActiveX controls.

Problem

A heap memory corruption vulnerability in the OWC10.DataSourceControl ActiveX control allows command execution when a user opens a web page which loads and unloads this control.

Resolution

Apply the update referenced in Microsoft Security Bulletin 09-043.

References

http://www.microsoft.com/technet/security/Bulletin/MS09-043.mspx

Limitations

Exploit works on Microsoft Office 2003 SP3 on Windows XP SP3 English with DEP enabled and requires a user to load the exploit page in Internet Explorer 6 or 7. After the published page is loaded in Internet Explorer, the target user must move the mouse in order to trigger the vulnerability. Note that this exploit is not 100% reliable due to the nature of heap memory corruption.

Platforms

Windows XP

Back to exploit index