Lucene search
SAINT CorporationSAINT:FA1F5A4A0A3B2EA21394DB99E57F4F2DHistoryAug 05, 2009 - 12:00 a.m.
MS Office Word malformed Sprm record buffer overflow
2009-08-0500:00:00
SAINT Corporation
www.saintcorporation.com
18
0.892 High
EPSS
Percentile
98.4%
Added: 08/05/2009
CVE: CVE-2009-0565
BID: 35190
OSVDB: 54960
Background
Microsoft Office Word is Microsoft’s word processing software, released as a component of Microsoft Office suite.
Problem
A buffer overflow in Microsoft Office Word allows remote command execution when a specially crafted Word file with a malformed Sprm record is processed.
Resolution
Install the patch referenced in Microsoft Security Bulletin 09-027.
References
<http://www.microsoft.com/technet/security/Bulletin/MS09-027.mspx>
Limitations
Exploit works on Windows XP SP3 with DEP enabled, and requires a user to open the exploit file in Microsoft Office Word 2002 SP3 with patch KB956329.
Platforms
Windows
Related
cve
cve
CVE-2009-0565
2009-06-10 18:00:00
checkpoint_advisories
checkpoint_advisories
packetstorm
packetstorm
Microsoft Word Record Parsing Buffer Overflow
2011-04-17 00:00:00
prion
prion
Buffer overflow
2009-06-10 18:00:00
saint
saint
MS Office Word malformed Sprm record buffer overflow
2009-08-05 00:00:00
MS Office Word malformed Sprm record buffer overflow
2009-08-05 00:00:00
MS Office Word malformed Sprm record buffer overflow
2009-08-05 00:00:00
securityvulns
securityvulns
VUPEN Security - Microsoft Office Word Document Parsing Buffer Overflow Vulnerability
2009-06-14 00:00:00
Microsoft Security Bulletin MS09-027 - Critical
2009-06-11 00:00:00
Microsoft Word buffer overflows
2009-06-14 00:00:00
openvas
openvas
Microsoft Office Word Remote Code Execution Vulnerabilities (969514)
2009-06-10 00:00:00
Microsoft Office Word Remote Code Execution Vulnerabilities (969514)
2009-06-10 00:00:00
nessus
nessus
seebug
seebug
Microsoft Word畸形记录解析栈溢出漏洞(MS09-027)
2009-06-13 00:00:00