Microsoft Works File Converters Buffer Overflow Vulnerability ( 10 June 2009 )

Last Update Date: 28 Jan 2011 Release Date: 10 Jun 2009 4598 Views

RISK: Medium Risk

A remote code execution vulnerability exists in the way that the Works for Windows document converters handle specially crafted Works files. The vulnerability could allow remote code execution if a user opens a specially crafted .wps file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights

Impact

Remote Code Execution

System / Technologies affected

Microsoft Office 2000
Microsoft Office XP
Microsoft Office 2003
2007 Microsoft Office System
Microsoft Office Word 2000
Microsoft Office Word 2002
Microsoft Office Word 2003 with the Microsoft Works 6-9 File Converter
Microsoft Office Word 2007
Microsoft Works 8.5
Microsoft Works 9

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch

Microsoft Office 2000 Service Pack 3
- Microsoft Office Word 2000 Service Pack 3
Microsoft Office XP Service Pack 3
- Microsoft Office Word 2002 Service Pack 3
Microsoft Office 2003 Service Pack 3
- Microsoft Office Word 2003 Service Pack 3 with the Microsoft Works 6–9 File Converter
2007 Microsoft Office System Service Pack 1
- Microsoft Office Word 2007 Service Pack 1
Microsoft Works 8.5
Microsoft Works 9

Vulnerability Identifier

CVE-2009-1533

Source

Related Link

Share with

Microsoft Office Word Multiple Vulnerabilities ( 10 June 2009 )

10 Jun 2009 4561 Views

Google Chrome WebKit Memory Corruption and Information Disclosure Vulnerabilities

11 Jun 2009 4777 Views