Microsoft Word 2000 - Malformed Function Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22225/info Microsoft Word 2000 is prone to a remote code-execution vulnerability. Microsoft Word 2000 is confirmed vulnerable to a remote code-execution issue. Exploit attempts against Word 2003/XP will consume all CPU...

Microsoft Security Bulletin MS09-024 - Critical Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (957632)

Microsoft Security Bulletin MS09-024 - Critical Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution 957632 Published: June 9, 2009 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in the Microsoft Works...

Microsoft写字板和Office文本转换器内存破坏漏洞（MS09-010）

BUGTRAQ ID: 29769 CVECAN ID: CVE-2009-0087 写字板是Windows操作系统中附件所提供的简单文本编辑工具。 如果用户打开了包含有畸形数据的特制Word 6文件的话，写字板和Microsoft Office中的内存破坏漏洞可能导致执行任意代码。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 SP1 Microsoft Windows 2000SP4 Microsoft...

Microsoft Word 2000 WordPerfect转换器栈溢出漏洞（MS09-010）

BUGTRAQ ID: 34469 CVECAN ID: CVE-2009-0088 Word是微软Office套件中的文件处理工具。 Word可以通过应用过滤器模块将其他应用程序所创建的文档转换为Word可使用的格式。Word 2000所使用的WordPerfect 6.x转换器的转换代码没有对数据结构所分配的长度正确的验证计数器，如果解析了特制的WordPerfect文档就可能触发栈溢出，导致执行任意代码。 Microsoft Word 2000 SP3 临时解决方法： 不要打开或保存从不可信任来源接收到的或从可信任来源意外接收到的Microsoft Office文件。...

CVE-2009-0088

The WordPerfect 6.x Converter WPFT632.CNV, 1998.1.27.0 in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an...

Memory corruption

The WordPerfect 6.x Converter WPFT632.CNV, 1998.1.27.0 in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an...

Microsoft Word 2000 WordPerfect Converter Remote Code Execution Vulnerability

Description Microsoft Word 2000 is prone to a remote code-execution vulnerability because it fails to properly validate an unspecified string when parsing a WordPerfect document. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user...

iDefense Security Advisory 04.14.09: Microsoft Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 04.14.09 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 14, 2009 I. BACKGROUND Word 2000 is a word processing application included with the Microsoft Office 2000 software. The WordPerfect Converter is a tool used...

Memory corruption

Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac...

Memory corruption

Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers to execute arbitrary code via crafted control...

Microsoft Word Malformed Record Value Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Successful attacks may allow arbitrary malicious code to run in the context of the user running the application. Failed attack attempts may result in a crash. Reports indicate that this issue affects Microsoft Office XP...

Memory corruption

Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not properly handle unordered lists, which allows user-assisted remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted .doc file. NOTE: some of these details are...

CVE-2008-2752

Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not properly handle unordered lists, which allows user-assisted remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted .doc file. NOTE: some of these details are...

Microsoft Word Bulleted List Handling Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker could exploit this issue by enticing a victim to open and interact with malicious Word files. Successfully exploiting this issue will corrupt memory and crash the application. Given the nature of this...

Microsoft Word 2000/2003 Unchecked Boundary Condition Vulnerability

No description provided by source. /------------------------------------------------------------ Microsoft Word unchecked boundary condition vulnerability. --------------------------------------------------------- One of the functions in mso.dll older versions mso9.dll...

Microsoft Jet Database Engine MDB File Parsing Remote Buffer Overflow Vulnerability

Microsoft Jet Database Engine MDB File Parsing Remote Buffer Overflow Vulnerability. CVE-2007-6026. Dos exploit for windows platform source: http://www.securityfocus.com/bid/26468/info Microsoft Jet Database Engine is prone to a buffer-overflow vulnerability because it fails to properly...

Microsoft Word工作区内存破坏远程代码执行漏洞（MS07-060）

BUGTRAQ ID: 25906 CVECAN ID: CVE-2007-3899 Word是Office办公套件中的文字处理软件。 Word处理特制Word文件的方式中存在一个远程执行代码漏洞，远程攻击者可能利用此漏洞通过诱使用户处理恶意文件控制用户系统。 如果用户打开带有畸形字符串的特制Word文件，该漏洞就可能允许远程执行指令。那些帐户被配置为拥有较少系统用户权限的用户比具有管理用户权限的用户受到的影响要小。 Microsoft Office 2004 for Mac Microsoft Word 2002 SP3 Microsoft Word 2000 SP3 临时解决方法：...

CVE-2007-3899

CVE-2007-3899 concerns memory corruption in Word affecting Word 2000 SP3, Word 2002 SP3, and Office 2004 for Mac. The root cause is a malformed string in a Word file that can be processed by Word, enabling user-assisted remote code execution on vulnerable hosts. The Mac variant is reported in the...

VulnCheck KEV: CVE-2007-3899

Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string in a Word file, aka "Word Memory Corruption Vulnerability."...

VulnCheck KEV: CVE-2007-0870

Unspecified vulnerability in Microsoft Word 2000 allows remote attackers to cause a denial of service crash via unknown vectors, a different vulnerability than CVE-2006-5994, CVE-2006-6456, CVE-2006-6561, and CVE-2007-0515, a variant of Exploit-MS06-027...