CVE-2009-2506

2009-12-0918:30:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2009-2506

integer overflow

microsoft office

word

works

office converter pack

wordpad

windows 2000

server 2003

remote code execution

buffer overflow

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.949 High

EPSS

Percentile

99.3%

JSON

Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in the DocumentSummaryInformation stream, which triggers a heap-based buffer overflow.

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_server_2003microsoft windows server 2003eq*
microsoft:windows_xpmicrosoft windows xpeq*
microsoft:office_converter_packmicrosoft office converter packeq*
microsoft:office_wordmicrosoft office wordeq2002
microsoft:office_wordmicrosoft office wordeq2003
microsoft:wordpadmicrosoft wordpadeq*
microsoft:worksmicrosoft workseq8.5

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_server_2003	microsoft windows server 2003	eq	*
microsoft:windows_xp	microsoft windows xp	eq	*
microsoft:office_converter_pack	microsoft office converter pack	eq	*
microsoft:office_word	microsoft office word	eq	2002
microsoft:office_word	microsoft office word	eq	2003
microsoft:wordpad	microsoft wordpad	eq	*
microsoft:works	microsoft works	eq	8.5