Immunity, Inc.
Name ms12_005
CVE CVE-2012-0013
Exploit Pack CANVAS
DescriptionMS12-005: MS Office 2007-2010 Shell Object Packager file extension bypass
NotesRepeatability: Infinite
Notes: The issue we exploit here was fixed silently alongside the ClickOnce issues in the MS12-005 patch but allows for a much cleaner exploitation primitive. To use this exploit, prepare a PPTX using this module by embedding a desired executable (PE .EXE), then save the resulting patched PPTX as a PPS (97-2003 powerpoint show) using MS Office 2010. This PPS may be served to vulnerable MS Office 2007-2010 installations on Windows Vista and 7 and will execute the embedded executable without further user interaction on opening of the PPS.
VENDOR: Microsoft
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0013
CVE Name: CVE-2012-0013

Learn more about the CANVAS Exploit Pack here: CANVAS