53663 : Microsoft Office Word 2000 WordPerfect 6.x Converter Document Handling Stack Corruption
Printer | http://osvdb.org/53663 | Email This | Edit Vulnerability

Views This Week	Views All Time	Added to OSVDB	Last Modified	Modified (since 2008)	Percent Complete
10	2805	over 2 years ago	about 1 year ago	12 times	55%

This Entry needs help! It is only 55% Complete. Click the edit link above to add more information.

Contributing is fast and easy, and benefits the entire security community.

Timeline

Vendor Informed Date	Vendor Ack Date	Disclosure Date
2006-06-28	2006-06-29	2009-04-14

Time to Vendor Response
1 days

Description

<em style='font-weight:bold;'>(Description Provided by <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-0088" target="_blank">CVE</a>)</em> : The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an unspecified counter and control structures on the stack, aka "Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability."

Classification

Location: Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Private
Disclosure: Vendor Verified

Solution

Microsoft has released a patch to address this vulnerability. Additionally, it is possible to temporarily work around the flaw by implementing the following workaround: Uninstall the WordPerfect 6.x Converter. (Doing this will cause an inability to open WordPerfect 6.x documents within the affected Microsoft applications)

Products

Unknown or Incomplete

References

CVE ID: 2009-0088 (see also: NVD)
Related OSVDB ID: 53662 53664
Microsoft Knowledge Base Article: 960477
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2009-04/0133.html
News Article: http://gcn.com/articles/2009/04/15/microsoft-april-security-patch.aspx
http://www.eweek.com/c/a/Security/Micrsoft-Patch-Tuesday-Plugs-Security-Holes-as-Hackers-Circle-317813/
Other Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=782
Microsoft Security Bulletin: MS09-010

Tools & Filters

	36148

Credit

Anonymous - iDefense Labs VCP

CVSSv2 Score

CVSSv2 Base Score = 9.3
Source: nvd.nist.gov | Generated: 2009-04-15 | Disagree?

Blogs

This product uses the Daylife API but is not endorsed or certified by Daylife.

This section lists the latest news and blogs found via the daylife API (and for older items, the technorati API), which mention or otherwise discuss this vulnerability.

2009/04/15 04:55:50 | MS09-010: Description of the security update for the Office 2003 File Converter Pack: April 14, 2009

from: Microsoft Patch Watch

MS09-010: Description of the security update for the Office 2003 File Converter Pack: April 14, 2009 No tags for this post. Related postsNo related posts.

Comments

Add Comment Hide Add Comment

No Comments.

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.