Skip navigation

Double Clicking on Office Documents Could Execute Arbitrary Code.

 

Reported September 18, 2000 by Georgi Guninski

VERSIONS AFFECTED
  • Microsoft Office 2000 (Windows 98 and Windows 2000)

DESCRIPTION

If certain DLL files are present on a system running Windows 98 or Windows 2000 they can be exploited to execute native code.  This could lead to an attacker gaining full control over a system.  It has been reported that this attack also works via UNC shares.

DEMONSTRATION

If either RICHED20.DLL or MSI.DLL are present on the system and in the same directory as Office documents double clicking on the Office documents will execute the code in DllMain () of the above DLLs.

A demonstration of this vulnerability is available at;  http://www.guninski.com

VENDOR RESPONSE

Georgie Guninski made no indication that the vendor has been contacted.  Windows IT Security forwarded the advisory to Microsoft and is awaiting a response.

CREDIT
Discovered by
Georgi Guninski

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish