From aldeid
Jump to navigation Jump to search


Sourcefire OFFICE CAT v2 is a Microsoft Office File Checker. It will check for various vulnerabilities in Office documents:

OCID Vulnerability Type Description
1 CVE-2006-2492 Word
2 CVE-2006-4534 Word
3 CVE-2006-3493 Word
4 CVE-2006-5994, MS07-014 Word
5 CVE-2006-6456 Word
6 CVE-2006-6561 Word
7 CVE-2006-1301 Excel
8 CVE-2006-1306 Excel
9 CVE-2006-1308 Excel
10 CVE-2006-3086 Excel
11 CVE-2006-3431 Excel
12 CVE-2006-3875, MS06-059 Excel
13 CVE-2006-3864, MS06-062 Excel
14 CVE-2006-3656 PowerPoint
15 CVE-2006-3876 PowerPoint
16 CVE-2006-4694 PowerPoint
17 CVE-2006-3590 PowerPoint
18 CVE-2006-1540 Office
19 CVE-2006-0001 Word
21 CVE-2007-0027, MS07-002 Excel BIFF atom: IMDATA
22 CVE-2007-0031, MS07-002 Excel Malformed Pallete Record
23 CVE-2007-0030, MS07-002 Excel Bad Column offset
24 CVE-2007-0515 Word
25 CVE-2006-3014 Office
26 CVE-2007-0671, MS07-015 Excel Malformed Record - 2 different vulns are attributed to this CVE
27 CVE-2006-3877, MS07-015 PowerPoint
28 CVE-2006-3432, MS07-002 Excel Malformed Record - Reserved subtype used in flawed record
29 CVE-2006-3865, MS07-002 Excel Malformed Image Data record
30 CVE-2006-4700, MS07-002 Excel Bad column offset - Caught as CVE-2007-0030
31 CVE-2006-4701, MS07-002 Excel Malformed SST record
32 CVE-2006-5995, MS07-002 Excel CCV greater than 56
33 CVE-2007-1214, MS07-023 Excel Malformed AUTOFILTER Record
34 CVE-2007-3030, MS07-036 Excel Malformed WorkSpace Record
35 CVE-2007-3029, MS07-036 Excel Malformed WINDOW1 Record
36 CVE-2007-1756, MS07-036 Excel Malformed Version Field in BOF Record
37 CVE-2007-1203, MS07-023 Excel Malformed Version Field in BOF Record
38 CVE-2008-0081, MS08-014 Excel Bad record ordering
39 CVE-2008-0114, MS08-014 Excel Invalid style index
40 CVE-2008-0111, MS08-014 Excel Improper DVal
41 CVE-2008-0115, MS08-014 Excel Missplaced rtVal record
42 CVE-2008-0116, MS08-014 Excel
43 CVE-2008-0118, MS08-016 PowerPoint Malformed background shape
44 CVE-2008-0117, MS08-014 Excel Malformed CF record
45 CVE-2008-1088, MS08-018 Project Malformed pointer
46 CVE-2008-0119, MS08-027 Publisher Worst bug ever discovered
47 CVE-2008-1455, MS08-051 PowerPoint Malformed Asian language atom
48 CVE-2008-0320 Office OpenOffice Flaw: lowSize is negative.
49 CVE-2008-2244, MS08-042 Word Invalid smarttags structure size
50 CVE-2008-3004, MS08-043 Excel Malformed AXP record
51 CVE-2008-3005, MS08-043 Excel Malformed FORMAT record
52 CVE-2008-0120, MS08-051 PowerPoint Malformed Drawing Group container
53 CVE-2008-0121, MS08-051 PowerPoint Malformed complex FOPTE atom
54 CVE-2008-3006, MS08-043 Excel Malformed COUNTRY record - May also indicate CVE-2008-4266
55 CVE-2008-3471, MS08-057 Excel Malformed FRTWrapper record
56 CVE-2008-4019, MS08-057 Excel Use of a potentially dangerous formula function
57 CVE-2008-4024, MS08-072 Word Malformed LFO structure
58 CVE-2008-4026, MS08-072 Word Malformed PRL structure
59 CVE-2008-4264, MS08-074 Excel Oversized ft field in OBJ record
60 CVE-2008-4266, MS08-074 Excel Malformed name index in LBL record
61 CVE-2008-4837, MS08-072 Word Malformed PRL structure
62 CVE-2008-4841, MS08-000 Word Malformed size in XST structure - Attacks wordpad converter




Usage: officecat.exe [-list] <filename>


lists known vulnerabilities by OCID, CVE, and MS number


C:\tools\officecat>officecat.exe Olimpikge.xls
Sourcefire OFFICE CAT v2
* Microsoft Office File Checker *

Processing Olimpikge.xls
        OCID: 51
        Type: Excel
        Malformed FORMAT record


The vulnerability database is incomplete, as shown on the below example:

C:\tools\officecat>officecat.exe TestYourMind.ppt
Sourcefire OFFICE CAT v2
* Microsoft Office File Checker *

Processing TestYourMind.ppt
SAFE File.