Multiple vulnerabilities have been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.

1) An error in the EPS (Encapsulated PostScript) filter when handling the length of EPS images can be exploited to corrupt memory via e.g. an Office document containing a specially crafted EPS file.

2) An error in the PICT filter when handling the length of PICT images can be exploited to corrupt memory via a specially crafted PICT image.

3) An error in the PICT filter when parsing the "bits_per_pixel" field in PICT images can be exploited to corrupt heap memory via a specially crafted PICT image.

4) An error in the "BMPIMP32.FLT" filter module when handling the length of BMP images can be exploited to corrupt memory via a specially crafted BMP image with a very large number of colors in the header.

5) An boundary error in the WPG (WordPerfect Graphics) filter module "WPGIMP32.FLT" when handling the length of WPG images can be exploited to cause a heap-based buffer overflow via a specially crafted WPG image or WordPerfect document.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

Solution
Apply patches.
Further details available to Secunia VIM customers

Provided and/or discovered by
1) Reported by the vendor.
2) The vendor credits Shaun Colley, NGS Software.
3) Damian Put via ZDI.
4) An anonymous person via iDefense.
5) Damian Put via iDefense.

Changelog
Further details available to Secunia VIM customers

Original Advisory
MS08-044 (KB924090):
http://www.microsoft.com/technet/security/Bulletin/MS08-044.mspx

iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=736
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=737

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-08-049/

Alternate/detailed remediation
Further details available in Customer Area

Deep Links
Links available to Secunia VIM customers