Vulnerability Note VU#194944
Microsoft Windows fails to properly handle malformed OLE documents
A vulnerability exists in a Microsoft Windows library that is used to handle OLE documents. The complete impact of this vulnerability is not clear, but may include the execution of arbitrary code as well as a denial of service.
Microsoft OLE documents include summary information about the document, such as the line count. A memory corruption vulnerability exists in a library (ole32.dll) used by Windows to parse OLE document summary information. Note that Microsoft Windows can parse OLE document summary information without having Microsoft Office installed.
Public exploit code targeting Microsoft Windows Explorer is available for this vulnerability. The public exploit code uses specially crafted Office document to trigger the vulnerability in Microsoft Windows Explorer. However, any application that links to ole32.dll may also be affected.
The complete impact of this vulnerability is not known. Memory corruption does occur, but it is not clear if this can be leveraged to execute arbitrary code. At a minimum, this vulnerability will cause a denial of service.
We are currently unaware of a practical solution to this problem. Until a solution is available, the following workarounds may reduce the chances of exploitation:
Do not access untrusted Office documents
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||07 Mar 2007|
CVSS Metrics (Learn More)
This vulnerability was publicly disclosed by Marsu.
This document was written by Jeff Gennari.
- CVE IDs: Unknown
- Date Public: 07 Mar 2007
- Date First Published: 07 Mar 2007
- Date Last Updated: 12 Mar 2007
- Severity Metric: 22.05
- Document Revision: 20
If you have feedback, comments, or additional information about this vulnerability, please send us email.