Microsoft Office Web Components OWC.Spreadsheet Evaluate method vulnerability
Added: 07/14/2009
CVE: CVE-2009-1136
BID: 35642
OSVDB: 55806
Background
Microsoft Office Web Components (OWC) are a group of OLE classes implemented as ActiveX controls.
Problem
A memory corruption vulnerability allows command execution when a web page passes a specially crafted parameter to the Evaluate method of the OWC.Spreadsheet ActiveX control.
Resolution
Set the kill bits on the {0002E541-0000-0000-C000-000000000046} and {0002E559-0000-0000-C000-000000000046} class IDs as described in Microsoft Knowledge Base Article 240797.
References
http://www.microsoft.com/technet/security/advisory/973472.mspx
Limitations
Exploit works on Microsoft Office XP and 2003 SP3 and requires a user to open the exploit page in Internet Explorer 6 or 7. The success of this exploit may depend on the state of the target's memory.
Platforms
Windows