Executive Summary
Summary | |
---|---|
Title | Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539) |
Informations | |||
---|---|---|---|
Name | MS09-073 | First vendor Publication | 2009-12-08 |
Vendor | Microsoft | Last vendor Modification | 2010-01-27 |
Severity (Vendor) | Important | Revision | 2.1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V2.1 (January 27, 2010): Corrected erroneous entries in the Executive Summary, Update FAQ, and Vulnerability FAQ to clarify that the Microsoft Office XP Service Pack 3 (KB975008) and Microsoft Office 2003 Service Pack 3 (KB975051) update packages do not apply to Microsoft Office Word but only to text converters used by other Microsoft Office applications in order to read Word files. This is an informational change only.Summary: This security update resolves a privately reported vulnerability in Microsoft WordPad and Microsoft Office text converters. The vulnerability could allow remote code execution if a specially crafted Word 97 file is opened in WordPad or Microsoft Office Word. An attacker who successfully exploited this vulnerability could gain the same privileges as the user. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS09-073.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5846 | |||
Oval ID: | oval:org.mitre.oval:def:5846 | ||
Title: | WordPad and Office Text converter Memory Corruption Vulnerability | ||
Description: | Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in the DocumentSummaryInformation stream, which triggers a heap-based buffer overflow. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2506 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Word 2002 Microsoft Word 2003 Microsoft Works 8.5 Microsoft Office Converter Pack |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 2 | |
Application | 1 | |
Application | 1 | |
Os | 1 | |
Os | 1 | |
Os | 3 |
OpenVAS Exploits
Date | Description |
---|---|
2009-12-09 | Name : WordPad and Office Text Converters Remote Code Execution Vulnerability (975539) File : nvt/secpod_ms09-073.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
60834 | Microsoft WordPad / Office Text Converters Word97 File Handling Memory Corrup... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-12-10 | IAVM : 2009-A-0128 - Microsoft WordPad and Office Text Converters Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0021551 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-10-10 | Microsoft Windows WordPad and Office text converter integer overflow attempt RuleID : 51473 - Revision : 1 - Type : FILE-OFFICE |
2019-10-10 | Microsoft Windows WordPad and Office text converter integer overflow attempt RuleID : 51472 - Revision : 1 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Windows WordPad and Office text converter integer overflow attempt RuleID : 16314 - Revision : 11 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-12-08 | Name : Arbitrary code can be executed on the remote host through opening a Microsoft... File : smb_nt_ms09-073.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-04-26 22:58:16 |
|
2014-02-17 11:46:25 |
|
2014-01-19 21:30:25 |
|
2013-11-11 12:41:15 |
|