Microsoft Office: Drawing Shape Container Parsing Vulnerability

Users of Microsoft Office please be advised of a Drawing Shape Container Parsing vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (

Office-SA-11/09/2010: Microsoft Office Drawing Shape Container Parsing Vulnerability
Affected Software

* Microsoft Office XP SP3
* Microsoft Office 2003 SP3
* Microsoft Office 2007 SP2
* Microsoft Office 2010

NOTE: Other versions may also be affected.

Description of Vulnerability

Secunia Research has discovered a vulnerability in Microsoft Office,
which can be exploited by malicious people to compromise a user’s

The vulnerability is caused by insufficient validation when parsing an
Office Art Drawing record, which contains “msofbtSp” records that
specify certain flags. This can be exploited to corrupt memory via a
specially crafted Office file.

Successful exploitation allows execution of arbitrary code.