Release DateDec 30, 2011 |
Severitymedium |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a Memory Corruption vulnerability in a library (ole32.dll) used by Windows to parse OLE document summary information.The vulnerability is caused because the application fails to proper handle certain data. A remote attack can use a specially crafted Office document to trigger the vulnerability in Microsoft Windows Explorer. |
Affected ProductsSoftware that is linked to the ole32.dll versions that reside on Microsoft Windows 2000 SP4 FR and XP SP2 FR platforms are vulnerable; other versions might also be affected. |
Recommended ActionsWe are not aware of any official supplied fix for this issue. |
Coverage IPS
VCM |
Reference/shttp://www.securityfocus.com/bid/22847 (BugTraq) |
