Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Word buffer overflows
updated since 11.06.2009
Published:14.06.2009
Source:
SecurityVulns ID:9983
Type:client
Threat Level:
8/10
Description:Fre different buffer overflows on document parsing.
Affected:MICROSOFT : Office 2000
 MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2004 for Mac
 MICROSOFT : Office 2007
 MICROSOFT : Office 2008 for Mac
CVE:CVE-2009-0565 (Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a malformed record that triggers memory corruption, aka "Word Buffer Overflow Vulnerability.")
 CVE-2009-0563 (Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a crafted tag containing an invalid length field, aka "Word Buffer Overflow Vulnerability.")
Original documentdocumentVUPEN Security Research, VUPEN Security - Microsoft Office Word Document Parsing Buffer Overflow Vulnerability (14.06.2009)
 documentZDI, ZDI-09-035: Microsoft Word Document Stack Based Buffer Overflow Vulnerability (11.06.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-027 - Critical (11.06.2009)
Files:Microsoft Security Bulletin MS09-027 - Critical Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (969514)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod