Microsoft Office 2003 Denial of Service Vulnerability

Bugtraq ID:	22716
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	Feb 25 2007 12:00AM
Updated:	Feb 26 2007 06:46PM
Credit:	Discovered by sehato <sehato_(at)_yandex.ru>
Vulnerable:	Microsoft Office 2003 SP3 Microsoft Office 2003 SP2 Microsoft Office 2003 SP1 Microsoft Office 2003 0 + Microsoft Excel 2003 + Microsoft FrontPage 2003 + Microsoft InfoPath 2003 + Microsoft OneNote 2003 0 + Microsoft Outlook 2003 0 + Microsoft PowerPoint 2003 0 + Microsoft Publisher 2003 IrfanView IrfanView 3.99
Not Vulnerable:

Microsoft Office 2003 Denial of Service Vulnerability

Microsoft Office is prone to a denial-of-service condition when the malformed WMF file is viewed in an Office application.

Exploiting this issue allows remote attackers to crash applications, denying service to legitimate users.

Microsoft Office 2003 is vulnerable to this issue; other versions may also be affected.

Note: IrfanView version 3.99 is also vulnerable to this issue.

Microsoft Office 2003 Denial of Service Vulnerability

The following proof-of-concept exploit is available:

• /data/vulnerabilities/exploits/Office2003_IrfanView_Dos_exp.wmf

Microsoft Office 2003 Denial of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Microsoft Office 2003 Denial of Service Vulnerability

References:

• IrfanView DoS (SecurityVulns)
  
• IrfanView Web Site (IrfanView)
  
• Microsoft Office Product Homepage (Microsoft)
  
• Vendor Home Page (Microsoft)
  
• Few unreported vulnerabilities by SehaTo (3APA3A)