Windows OLE Automation Array command execution

Added: 11/17/2014
CVE: CVE-2014-6332
BID: 70952
OSVDB: 114533

Background

OLE (Object Linking and Embedding) is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats.

Problem

The SafeArrayRedim function in the OleAut32.dll library does not properly check sizes of arrays when an error occurs. This allows an attacker to manipulate memory and bypass security protections in Internet Explorer, resulting in arbitrary code execution.

Resolution

Apply the security update referenced in MS14-064.

References

https://www.us-cert.gov/ncas/alerts/TA14-318B

Limitations

Exploit works on Windows with Internet Explorer 10 and earlier, and requires a user to load the exploit page in Internet Explorer.

Platforms

Windows

Back to exploit index