4 matches found
Microsoft Word 2000 WordPerfect转换器栈溢出漏洞(MS09-010)
BUGTRAQ ID: 34469 CVECAN ID: CVE-2009-0088 Word是微软Office套件中的文件处理工具。 Word可以通过应用过滤器模块将其他应用程序所创建的文档转换为Word可使用的格式。Word 2000所使用的WordPerfect 6.x转换器的转换代码没有对数据结构所分配的长度正确的验证计数器,如果解析了特制的WordPerfect文档就可能触发栈溢出,导致执行任意代码。 Microsoft Word 2000 SP3 临时解决方法: 不要打开或保存从不可信任来源接收到的或从可信任来源意外接收到的Microsoft Office文件。...
CVE-2009-0088
The WordPerfect 6.x Converter WPFT632.CNV, 1998.1.27.0 in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an...
CVE-2009-0088
The WordPerfect 6.x Converter WPFT632.CNV, 1998.1.27.0 in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an...
iDefense Security Advisory 04.14.09: Microsoft Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 04.14.09 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 14, 2009 I. BACKGROUND Word 2000 is a word processing application included with the Microsoft Office 2000 software. The WordPerfect Converter is a tool used...