Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:4559
HistoryDec 11, 2008 - 12:00 a.m.

Microsoft写字板文件转换器远程代码执行漏洞

2008-12-1100:00:00
Root
www.seebug.org
8

0.897 High

EPSS

Percentile

98.5%

JSON

BUGTRAQ ID: 32718
CVE(CAN) ID: CVE-2008-4841

写字板是Windows操作系统中附件所提供的简单文本编辑工具。

对于没有安装Word的用户,可以使用写字板的文本转换器来打开.doc格式文档。如果用户使用转换器打开了特制的.doc、.wri或.rtf格式文档的话,就可能触发内存破坏,导致执行任意代码。目前这个漏洞正在被积极的利用。

Microsoft Windows XP SP3
Microsoft Windows XP SP2
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows 2000SP4
Microsoft

目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:

<a href=“http://www.microsoft.com/technet/security/” target=“_blank”>http://www.microsoft.com/technet/security/</a>


                                                http://milw0rm.com/sploits/2008-crash.doc.rar

Related

checkpoint_advisories 1
cvelist 2
mskb 1
saint 4
prion 2
cve 2
cert 1
ubuntucve 1
openvas 2
securityvulns 2
nessus 1
checkpoint_advisories
checkpoint_advisories
Microsoft WordPad Word 97 Text Converter List Structure Stack Overflow (MS09-010; CVE-2008-4841)
2009-04-14 00:00:00
cvelist
cvelist
CVE-2008-4841
2008-12-10 13:33:00
CVE-2009-0259
2009-01-22 23:00:00
mskb
mskb
MS09-010: Description of the update for Windows WordPad Converter: April 14, 2009
2018-04-17 00:00:00
saint
saint
Microsoft WordPad Word 97 text converter XST buffer overflow
2009-04-17 00:00:00
Microsoft WordPad Word 97 text converter XST buffer overflow
2009-04-17 00:00:00
Microsoft WordPad Word 97 text converter XST buffer overflow
2009-04-17 00:00:00
prion
prion
Memory corruption
2008-12-10 14:00:00
Memory corruption
2009-01-22 23:30:00
cve
cve
CVE-2008-4841
2008-12-10 14:00:00
CVE-2009-0259
2009-01-22 23:30:00
cert
cert
Microsoft WordPad Text Converter vulnerable to remote code execution
2008-12-11 00:00:00
ubuntucve
ubuntucve
CVE-2009-0259
2009-01-22 00:00:00
openvas
openvas
WordPad and Office Text Converter Memory Corruption Vulnerability (960477)
2008-12-12 00:00:00
WordPad and Office Text Converter Memory Corruption Vulnerability (960477)
2008-12-12 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS09-010 - Critical Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution &#40;960477&#41;
2009-04-14 00:00:00
Microsoft Wordpad / Microsoft Works multiple security vulnerabilities
2009-06-10 00:00:00
nessus
nessus
MS09-010: Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
2009-04-15 00:00:00

0.897 High

EPSS

Percentile

98.5%

JSON
Related for SSV:4559
checkpoint_advisories1cvelist2mskb1saint4prion2cve2cert1ubuntucve1openvas2securityvulns2nessus1