Microsoft Excel WOPT Record Parsing Heap Memory Corruption

vendor:

Microsoft Excel

by:

Unknown

7.5

CVSS

HIGH

Heap Memory Corruption

119

CWE

Product Name: Microsoft Excel

Affected Version From: Excel 2002 SP3

Affected Version To: Unknown

Patch Exists: YES

Related CWE: CVE-2010-1248

CPE: a:microsoft:excel:2002::sp3

Metasploit:

Other Scripts:

Platforms Tested:

2010

Microsoft Excel WOPT Record Parsing Heap Memory Corruption

This vulnerability exists in Microsoft Excel 2002 SP3. It allows an attacker to corrupt the heap memory by parsing a specially crafted WOPT record. This can lead to remote code execution or a denial of service.

Mitigation:

Apply the necessary security updates provided by Microsoft.

Source

Exploit-DB raw data:

'''
  __  __  ____         _    _ ____ 
 |  \/  |/ __ \   /\  | |  | |  _ \
 | \  / | |  | | /  \ | |  | | |_) |
 | |\/| | |  | |/ /\ \| |  | |  _ <  (day 21 binary analysis)
 | |  | | |__| / ____ \ |__| | |_) |
 |_|  |_|\____/_/    \_\____/|____/
 
'''
 
  Title               :  Microsoft Excel WOPT Record Parsing Heap Memory Corruption
  Version             :  Excel 2002 SP3
  Analysis            :  http://www.abysssec.com
  Vendor              :  http://www.microsoft.com
  Impact              :  High
  Contact             :  shahin [at] abysssec.com , info  [at] abysssec.com
  Twitter             :  @abysssec
  CVE                 :  CVE-2010-1248
 
here is BA : http://www.exploit-db.com/moaub-21-microsoft-excel-wopt-record-parsing-heap-memory-corruption/
here is the PoC : https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/15065.rar (moaub-21-exploit.rar)