|The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.|
Microsoft Office: bypassing ASLR via MSCOMCTL
Synthesis of the vulnerability
An attacker can obtain memory addresses, to bypass ASLR, in order to facilitate the development of an attack tool.
Vulnerable products: Office, Access, Excel, InfoPath, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word.
Severity of this weakness: 2/4.
Consequences of a hack: data reading.
Hacker's origin: document.
Creation date: 13/05/2014.
Références of this bulletin: 2961033, CERTFR-2014-AVI-222, CVE-2014-1809, MS14-024, VIGILANCE-VUL-14742.
Description of the vulnerability
The ASLR (Address Space Layout Randomization) feature loads programs at random memory addresses, so it's more difficult to exploit memory corruptions.
However, the Microsoft Office MSCOMCTL library uses fixed addresses.
An attacker can therefore obtain memory addresses, to bypass ASLR, in order to facilitate the development of an attack tool.
Full Vigil@nce bulletin... (Free trial)
Computer vulnerabilities tracking service
Vigil@nce provides a software vulnerability patch. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The technology watch team tracks security threats targeting the computer system.