0 Replies Latest reply on Jan 29, 2013 11:25 PM by chandrasekar rathinam

    Microsoft Office 2003/2007/2010 Command Execution 0 day

      Hi All,

       

      Can anyone know about the Below 0 day CMD Execution in Microsoft Office . Whether its Deployed in McaFee Products.

       

      0 Day Remote Exploit in All Version of Microsoft OfficePackage , But its available in Black Market .

       

       

      Date add:

       

      2013-01-25

       

      Category:

       

      remote  exploits

       

      Verified:

       

      Verified

       

      Risk:

       
         

      Platform:

       

      windows

       

      Views:

       

      3763

       

      Comments:

       

      2

       

      Price:

       

      20000 $

       

      Description:

       

      Microsoft Office 2003/2007/2010 all service pack from a  command execution vulnerability .

       


      POC ( Proof Of Concept ) - http://www.youtube.com/watch?feature=player_embedded&v=pKhulHEFrR0


      Ref:

       

      http://www.1337day.com/exploit/description/20229

      http://pastebin.com/pwCCyCbk

       

      Thanks,

       

      Chandru