Executive Summary
Summary | |
---|---|
Title | Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (957632) |
Informations | |||
---|---|---|---|
Name | MS09-024 | First vendor Publication | 2009-06-09 |
Vendor | Microsoft | Last vendor Modification | 2009-10-13 |
Severity (Vendor) | Critical | Revision | 1.1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.1 (October 13, 2009): Bulletin revised to announce the addition of language localizations to the update for Works 9. Customers who have already successfully applied the original update to Works 9 are not affected by this revision.Summary: This security update resolves a privately reported vulnerability in the Microsoft Works converters. The vulnerability could allow remote code execution if a user opens a specially crafted Works file. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS09-024.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:6292 | |||
Oval ID: | oval:org.mitre.oval:def:6292 | ||
Title: | File Converter Buffer Overflow Vulnerability | ||
Description: | Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9 allows remote attackers to execute arbitrary code via a crafted Works .wps file that triggers memory corruption, aka "File Converter Buffer Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-1533 | Version: | 1 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 | Product(s): | Microsoft Word 2000 Microsoft Word 2002 Microsoft Word 2003 Microsoft Word 2007 Microsoft Works 8.5 Microsoft Works 9 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 | |
Application | 1 | |
Application | 2 |
SAINT Exploits
Description | Link |
---|---|
Microsoft Works File Converter FontName buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
54939 | Microsoft Office Works for Windows File Converter .wps Handling Overflow |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-06-11 | IAVM : 2009-B-0025 - Microsoft Works Converter Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0019406 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Works 4.x converter font name buffer overflow attempt RuleID : 18616 - Revision : 10 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Works 4.x converter font name buffer overflow attempt RuleID : 18615 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Works 4.x converter font name buffer overflow attempt RuleID : 15526 - Revision : 13 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-06-10 | Name : Arbitrary code can be executed on the remote host through Microsoft Office. File : smb_nt_ms09-024.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:46:14 |
|
2014-01-19 21:30:19 |
|
2013-11-11 12:41:12 |
|
2013-05-11 00:49:29 |
|