Advisory Details

August 12th, 2008

Microsoft Windows Graphics Rendering Engine PICT Heap Corruption Vulnerability

ZDI-08-049
ZDI-CAN-103

CVE ID CVE-2008-3021
CVSS SCORE
AFFECTED VENDORS Microsoft
AFFECTED PRODUCTS File Format Vulnerability
TREND MICRO CUSTOMER PROTECTION Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 4665. For further product information on the TippingPoint IPS: http://www.tippingpoint.com
VULNERABILITY DETAILS


This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must open a malicious file.

The specific flaw exists in the handling of PICT images in an office document. Due to improper parsing of the bits_per_pixel field in a PICT image a heap overflow can occur. Successful exploitation of this vulnerability can lead to a system compromise running under the credentials of the currently logged in user.

ADDITIONAL DETAILS Microsoft has issued an update to correct this vulnerability. More details can be found at:
http://www.microsoft.com/technet/security/bulletin/MS08-044.mspx
DISCLOSURE TIMELINE
  • 2006-09-14 - Vulnerability reported to vendor
  • 2008-08-12 - Coordinated public release of advisory
CREDIT Damian Put
BACK TO ADVISORIES