Common Vulnerabilities and Exposures (CVE)number
CVE-2010-3970 Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Microsoft Graphics Rendering Engine in Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted .MIC or unsplecified Office document containing a thumbnail bitmap with a negative biClrUsed value, as reported by Moti and Xu Hao.
General File Information
File 44.doc (part of ATT63777.7z archive)MD5 f51d3fb324d8f11b734ca63dbccbdc32SHA1 b3c4c84c98c6befaf6a480ae145cdcebb5929a82File size : 10240 bytesType: DOC
Distribution: Email attachment
Post Update - Vulnerability Analysis
Ultimately it plans to fetch and execute the file located at:
This file would be stored under %SYSTEM32% as 'a.exe'.