This module exploits a vulnerability in Microsoft Office Word (.DOC files). The vulnerability is caused due to a boundary error in winword.exe within the processing of DOC files. This can be exploited to cause a memory corruption when a specially crafted file is opened. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a stack-based buffer overflow in the Microsoft Office Web Components. This module runs a web server waiting for vulnerable clients (Internet Explorer 6) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a buffer overflow in the owc10.dll ActiveX Control included in Microsoft Office Web Components. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Microsoft Office is prone to a vulnerability that may allow the execution of any library file named rsaenh.dll, if this dll is located in the same folder as a .dotx file. The attacker must entice a victim into opening a specially crafted .dotx file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
Subscribe to Client Side