|
WordPerfect Converter Buffer Overflow
|
|
Secunia Advisory:
|
SA9667
|
|
|
Release Date:
|
2003-09-03
|
|
Last Update:
|
2003-09-08
|
|
Popularity:
|
10,122 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Microsoft Frontpage 2000
Microsoft Frontpage 2002
Microsoft Office 2000
Microsoft Office 97
Microsoft Office XP
Microsoft Publisher 2000
Microsoft Publisher 2002
Microsoft Word 98(J)
Microsoft Works Suite 2001
Microsoft Works Suite 2002
Microsoft Works Suite 2003
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2003-0666
|
|
Description:
A vulnerability has been identified in the WordPerfect converter included in Microsoft Office, which allows malicious documents to execute arbitrary code on a user's system.
The problem is that certain parameters aren't verified properly before the converter processes the document. This allows malicious documents to cause a buffer overflow, which potentially could lead to execution of arbitrary code.
This may be exploited automatically in Internet Explorer by a malicious website because Internet Explorer automatically lanches the helper application which is installed by Microsoft Office.
Solution:
Apply patches.
Office XP, FrontPage 2002, Publisher 2002, Works 2002, and Works 2003:
http://microsoft.com/downloads/detail...-B39E-2D672C0C223F&displaylang=en
http://www.microsoft.com/office/ork/x...wpft1001a.htm (administrative update)
Office 2000, FrontPage 2000, Publisher 2000, and Works 2001:
http://microsoft.com/downloads/detail...-A739-F7181310FBA7&displaylang=en
Office 97 and Word 98(J):
See the following Microsoft Knowledge Base article for information about how to receive support for Word 97 and for Word 98(J):
http://support.microsoft.com/default.aspx?scid=kb;en-us;827656
Microsoft recommends users to visit Office Update at:
http://www.office.microsoft.com/ProductUpdates/default.aspx
Provided and/or discovered by:
Yuji "The Ninja" Ukai
eEye Digital Security
Changelog:
2003-09-04: Updated with information from eEye.
Original Advisory:
http://www.microsoft.com/technet/security/bulletin/MS03-036.asp
http://www.eeye.com/html/Research/Advisories/AD20030903-1.html
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
