2007/05/01

MoAxB #01: PowerPointViewer.ocx 3.1 multiple methods DoS

well, let's start the MoAxB with a DoS. This component allows you to visualize, create and modify ppt files.
Some methods are unable to handle exceptional conditions, and this causes the crash of the application that uses this component.

Online demonstration

Text format

This is the content of registers when the crash happens:

EAX 000EC484
ECX 01642A38
EDX 00000000
EBX 0173EA5C
ESP 0173EA30
EBP 0173EC68
ESI 000F4241
EDI 039E0024 UNICODE "AAA..."

EIP 77527420 ole32.77527420

77527420 8501 TEST DWORD PTR DS:[ECX],EAX <-- CRASH