Info

Disclosure

Dec 14, 2010

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Dec 14, 2010

Description

Microsoft Office is prone to an overflow condition. The PICT import filter suffers from an integer truncation error resulting in a heap-based overflow. With a specially crafted PICT image, a context-dependent attacker can potentially execute arbitrary code.

Classification

Location: Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Disclosure: Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Microsoft Corporation	Office	XP SP3
		2003 SP3
		2007 SP2
		2010
		Converter Pack
	Works	9

References

CVE ID: 2010-3946 (see also: NVD)
Secunia Advisory ID: 35600
Related OSVDB ID: 69803 69805 69806 69807 69808 69809
Microsoft Knowledge Base Article: 968095
Vendor Specific News/Changelog Entry: http://blogs.technet.com/b/msrc/archive/2010/12/09/december-2010-advance-notification-service-is-released.aspx
Other Advisory URL: http://secunia.com/secunia_research/2009-34/
News Article: http://www.computerworld.com/s/article/9200642/Microsoft_slates_another_monster_Patch_Tuesday?taxonomyId=17&pageNumber=1
http://www.informationweek.com/blog/main/archives/2010/12/patch_tuesday_t.html
http://www.pcmag.com/article2/0,2817,2374148,00.asp
Vendor Specific Advisory URL: http://www.microsoft.com/technet/security/bulletin/ms10-dec.mspx
Microsoft Security Bulletin: MS10-105

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/69804

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Office

Works

References

Credit