On the patch Tuesday of this month, Microsoft patched 3 Office vulnerabilities in MS16-004. The vulnerabilityCVE-2016-0010 was discovered by myself and Fortinet's threat research team at the FortiGuard Labs. It is a heap overflow vulnerability in Microsoft Office because it fails to parse RTF documents correctly. Successful exploitation of this vulnerability could allow malicious users to create remote code execution scenarios. The underlying problem involves a typical heap overflow caused by a user-supplied value which is copied into a buffer allocated based on a user-supplied length. In this blog, I want to analyze the root cause of this vulnerability.
Deep Analysis of CVE-2016-0010 - Microsoft Office RTF File Handling Heap Overflow Vulnerability | Fortinet Blog
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.