Microsoft Works WPS File Field Length Handling Stack Overflow (MS08-011) - Ver2 (CVE-2008-0108)

Microsoft Works is home productivity software suite with fewer features than the Microsoft Office suite. The Microsoft Works Converter allows the user to open, edit, and save files in the Microsoft Works file format. CVE-2007-0216: The vulnerability is due to an error in the Microsoft Works...

MS08-011: Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081)

The remote host is running a version of Microsoft Office Works Converter that may allow arbitrary code to be run. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have him open it. Then a bug in the wps header handler would result in code execution. C...

Microsoft Works File Converter field length buffer overflow

Added: 02/19/2008 CVE: CVE-2008-0108 BID: 27659 OSVDB: 41459 Background The Microsoft Works File Converter allows Microsoft Office to open Microsoft Works files. Problem A buffer overflow vulnerability in the Microsoft Works File Converter allows arbitrary command execution when a user opens a .w...

Microsoft Works File Converter field length buffer overflow

Added: 02/19/2008 CVE: CVE-2008-0108 BID: 27659 OSVDB: 41459 Background The Microsoft Works File Converter allows Microsoft Office to open Microsoft Works files. Problem A buffer overflow vulnerability in the Microsoft Works File Converter allows arbitrary command execution when a user opens a .w...

Microsoft Works File Converter field length buffer overflow

Added: 02/19/2008 CVE: CVE-2008-0108 BID: 27659 OSVDB: 41459 Background The Microsoft Works File Converter allows Microsoft Office to open Microsoft Works files. Problem A buffer overflow vulnerability in the Microsoft Works File Converter allows arbitrary command execution when a user opens a .w...

iDefense Security Advisory 02.12.08: Microsoft Office Works Converter Stack-based Buffer Overflow Vulnerability

iDefense Security Advisory 02.12.08 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 12, 2008 I. BACKGROUND Microsoft Word is a word processing application which is heavily used in corporate environments. Word comes with Office Converters that allow it to import files from various forma...

CVE-2008-0108

CVE-2008-0108 is a remote code execution vulnerability in Microsoft Works File Converter (wkcvqd01.dll) used to convert .wps files to Rich Text. The root cause is improper validation of field lengths in the Works File Converter, leading to a stack-based buffer overflow when handling crafted field...

Microsoft Works WPS File Field Length Handling Stack Overflow (MS08-011; CVE-2007-0216; CVE-2008-0108)

Microsoft Works is home productivity software suite with fewer features than the Microsoft Office suite. The Microsoft Works Converter allows the user to open, edit, and save files in the Microsoft Works file format. CVE-2007-0216: The vulnerability is due to an error in the Microsoft Works...