Microsoft Works wkimgsrv.dll Memory Corruption Exploit

This module exploits a vulnerability in the wkimgsrv.dll control shipped with Microsoft Works and many Microsoft Office Suites. The exploit is triggered when the WksPictureInterface() method processes a number as argument resulting in a memory corruption. The WksPictureInterface(), in certain circumstances, points to an invalid memory address that can be controlled to gain code execution.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2008-1898
Product Version: 
7.6
Released Date: 
Tuesday, December 23, 2008 - 00:00