Executive Summary
| Summary | |
|---|---|
| Title | Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081) |
| Informations | |||
|---|---|---|---|
| Name | MS08-011 | First vendor Publication | 2008-02-12 |
| Vendor | Microsoft | Last vendor Modification | 2008-02-12 |
| Severity (Vendor) | Important | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| This important security update resolves three privately reported vulnerabilities in the Microsoft Works File Converter. These vulnerabilities could allow remote code execution if a user opens a specially crafted Works (.wps) file with an affected version of Microsoft Office, Microsoft Works, or Microsoft Works Suite. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/ms08-011.mspx |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 67 % | CWE-20 | Improper Input Validation |
| 33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:5009 | |||
| Oval ID: | oval:org.mitre.oval:def:5009 | ||
| Title: | Microsoft Works File Converter Index Table Vulnerability | ||
| Description: | Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-0105 | Version: | 2 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Office 2003 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:5202 | |||
| Oval ID: | oval:org.mitre.oval:def:5202 | ||
| Title: | Microsoft Works File Converter Field Length Vulnerability | ||
| Description: | Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-0108 | Version: | 2 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Office 2003 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:5309 | |||
| Oval ID: | oval:org.mitre.oval:def:5309 | ||
| Title: | Microsoft Works File Converter Input Validation Vulnerability | ||
| Description: | wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section length headers, aka "Microsoft Works File Converter Input Validation Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2007-0216 | Version: | 2 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Office 2003 |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 2 | |
| Application | 2 |
SAINT Exploits
| Description | Link |
|---|---|
| Microsoft Works File Converter index table vulnerability | More info here |
| Microsoft Works File Converter field length buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 41459 | Microsoft Works File Converter .wps File Multiple Field Handling Arbitrary Co... |
| 41458 | Microsoft Works File Converter .wps File Header Index Table Handling Arbitrar... |
| 41457 | Microsoft Works File Converter .wps Format Header Handling Arbitrary Code Exe... |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2017-03-01 | Microsoft Works file converter field length invalid chunk size buffer overflo... RuleID : 41453 - Revision : 1 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Works file converter file section header index table stack overflow... RuleID : 17304 - Revision : 11 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Works file converter field length invalid chunk size buffer overflo... RuleID : 13472 - Revision : 16 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Works file converter file section length headers memory corruption ... RuleID : 13466 - Revision : 18 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2008-06-09 | Name : Arbitrary code can be executed on the remote host through Microsoft Office. File : smb_nt_ms08-011.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:45:54 |
|
| 2014-01-19 21:30:10 |
|
| 2013-05-11 00:49:18 |
|
