4 matches found
iDefense Security Advisory 12.08.09: Microsoft WordPad Word97 Converter Integer Overflow Vulnerability
iDefense Security Advisory 12.08.09 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 08, 2009 I. BACKGROUND WordPad is the default text editing application included with nearly all Windows versions since Windows 95. The Word97 converter is used to convert Word documents into the format...
CVE-2009-2506
The CVE-2009-2506 issue is a memory corruption/heap overflow vulnerability in WordPad and Office text converters when parsing the DocumentSummaryInformation stream of a specially crafted Word 97 DOC file. A remote attacker could execute arbitrary code with the privileges of the logged-on user by ...
CVE-2009-2506
Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names ...
Microsoft WordPad and Office Text Converter Memory Corruption (MS09-073; CVE-2009-2506)
WordPad Text Converters allow users who do not have Microsoft Office Word installed to open documents in other Microsoft Windows applications. A remote code execution vulnerability has been reported in Microsoft WordPad and Office Word. The vulnerability is due to a memory corruption error in the...