Microsoft WordPad and Office Text Converters Multiple Vulnerabilities( 15 April 2009 )

Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5060 Views

RISK: Medium Risk

1. WordPad and Office Text Converter Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that text converters in WordPad and Microsoft Office process memory when a user opens a specially crafted Word 6 file that includes malformed data.

2. WordPad Word 97 Text Converter Stack Overflow Vulnerability

A remote code execution vulnerability exists in the way that Microsoft WordPad processes memory when parsing a specially crafted Word 97 document. The vulnerability could allow remote code execution if a user opens a specially crafted Word file that includes a malformed list structure.

3. Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability

A remote code execution vulnerability exists in the way that the WordPerfect 6.x converter that is included with Microsoft Office Word 2000 processes memory when parsing a specially crafted WordPerfect document.

4. WordPad Word 97 Text Converter Stack Overflow Vulnerability

A remote code execution vulnerability exists in WordPad as a result of memory corruption when a user opens a specially crafted Word file.

Impact

Remote Code Execution

System / Technologies affected

Microsoft Windows 2000
Windows XP
Windows Server 2003
Microsoft Office 2000
- Microsoft Office Word 2000
Microsoft Office XP
- Microsoft Office Word 2002
Microsoft Office Converter Pack

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch

Microsoft WordPad and Office Text Converters Multiple Vulnerabilities( 15 April 2009 )

Impact

System / Technologies affected

Solutions

Vulnerability Identifier

Source

Related Link