The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

security vulnerability CVE-2014-1809

Microsoft Office: bypassing ASLR via MSCOMCTL

Synthesis of the vulnerability

An attacker can obtain memory addresses, to bypass ASLR, in order to facilitate the development of an attack tool.
Severity of this weakness: 2/4.
Creation date: 13/05/2014.
Références of this bulletin: 2961033, CERTFR-2014-AVI-222, CVE-2014-1809, MS14-024, VIGILANCE-VUL-14742.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The ASLR (Address Space Layout Randomization) feature loads programs at random memory addresses, so it's more difficult to exploit memory corruptions.

However, the Microsoft Office MSCOMCTL library uses fixed addresses.

An attacker can therefore obtain memory addresses, to bypass ASLR, in order to facilitate the development of an attack tool.
Full Vigil@nce bulletin... (Free trial)

This computer weakness bulletin impacts software or systems such as Office, Access, Excel, InfoPath, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word.

Our Vigil@nce team determined that the severity of this computer threat announce is medium.

The trust level is of type confirmed by the editor, with an origin of document.

An attacker with a expert ability can exploit this threat announce.

Solutions for this threat

Microsoft Office: patch for MSCOMCTL.
A patch is available in information sources.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a computer security announce. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The technology watch team tracks security threats targeting the computer system.