PrivaWall Antivirus Office XML Format Evasion/Bypass Vulnerability
DESCRIPTION
The Office XML formats are proprietary Microsoft file formats for office
documents, spreadsheets, etc., otherwise known as Microsoft's Open Document
XML (not to be confused with Office Open XML).
This format, which can be viewed as a hybrid between the .doc and .docx
formats, is essentially an .xml file that is identified by the magic number
`<?mso-application`, and Microsoft Windows automatically handles it
* Release during the festival? YES | NO
* Internet connection required? YES | NO
+ Acceptable Formats
* Open Document
* PDF
* Plain Text
* RTF
+ Agenda
security settings, which allows remote attackers to run arbitrary
macros via a crafted document (CVE-2010-0136).
User-assisted remote attackers are able to bypass Python macro
security restrictions and execute arbitrary Python code via a crafted
OpenDocument Text (ODT) file that triggers code execution when the
macro directory structure is previewed (CVE-2010-0395).
Impress module does not properly handle integer values associated
with dictionary property items, which allows remote attackers to
cause a denial of service (application crash) or possibly execute
OpenOffice.org (OO.o or OOo), commonly known as OpenOffice, is an
open source software application suite available for a number of
different computer operating systems. It is distributed as free
software and written using its own GUI toolkit. It supports the
ISO/IEC standard OpenDocument Format (ODF) for data interchange
as its default file format, as well as Microsoft Office formats
among others. (Wikipedia)
II. DESCRIPTION
information, corrupt files, or compromise a user's system.
The problem is that the bundled KWEdit ActiveX control (KWEDIT.DLL)
provides the insecure method "SaveDocumentAs()", which saves an HTML
document to a specified location. This can be exploited in combination
with e.g. the "OpenDocument()" method to disclose the contents of
files or to execute arbitrary code on a user's system.
======================================================================
5) Solution