Microsoft Works wkimgsrv.dll Memory Corruption Exploit

This module exploits a vulnerability in the wkimgsrv.dll control shipped with Microsoft Works and many Microsoft Office Suites. The exploit is triggered when the WksPictureInterface() method processes a number as argument resulting in a memory corruption. The WksPictureInterface(), in certain circumstances, points to an invalid memory address that can be controlled to gain code execution.
Exploit type: 
Vulnerabilty ID: 
Released Date: 
Monday, December 22, 2008 - 18:00