Intrusion Prevention



Microsoft OLE documents include summary information about the document, such as the line count. A memory corruption vulnerability exists in a library (ole32.dll) used by Windows to parse OLE document summary information. Note that Microsoft Windows can parse OLE document summary information without having Microsoft Office installed.
Public exploit code targeting Microsoft Windows Explorer is available for this vulnerability. The public exploit code uses specially crafted Office document to trigger the vulnerability in Microsoft Windows Explorer. However, any application that links to ole32.dll may also be affected.

Affected Products

Software that is linked to the ole32.dll versions that reside on Microsoft Windows 2000 SP4 FR and XP SP2 FR platforms are vulnerable; other versions might also be affected.


The complete impact of this vulnerability is not known. Memory corruption does occur, but it is not clear if this can be leveraged to execute arbitrary code. At a minimum, this vulnerability will cause a denial of service.

Recommended Actions

We are not aware of any official supplied fix for this issue. Please go to for suggested workaround.

CVE References