Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:0652E5E0F2FF5BFE43EB807BFF9C1887
HistoryApr 23, 2009 - 12:00 a.m.

Microsoft WordPad Word97 text converter buffer overflow

2009-04-2300:00:00
SAINT Corporation
www.saintcorporation.com
19

EPSS

0.883

Percentile

98.7%

JSON

Added: 04/23/2009
CVE: CVE-2009-0235
BID: 34470
OSVDB: 53664

Background

The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files.

Problem

A buffer overflow vulnerability in the Word 97 text converter allows command execution when a user opens a specially crafted file containing an invalid character position value.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 09-010.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=783&gt;

Limitations

Exploit works on Windows 2000 SP4 and requires a user to open the exploit file in WordPad.

Platforms

Windows 2000

Related

checkpoint_advisories 1
cve 1
saint 3
seebug 1
prion 1
cvelist 1
securityvulns 3
nvd 1
openvas 2
threatpost 1
nessus 1
checkpoint_advisories
checkpoint_advisories
Microsoft WordPad Word 97 Text Converter Text Location Stack Overflow (MS09-010; CVE-2009-0235)
2009-04-14 00:00:00
cve
cve
CVE-2009-0235
2009-04-15 08:00:00
saint
saint
Microsoft WordPad Word97 text converter buffer overflow
2009-04-23 00:00:00
Microsoft WordPad Word97 text converter buffer overflow
2009-04-23 00:00:00
Microsoft WordPad Word97 text converter buffer overflow
2009-04-23 00:00:00
seebug
seebug
Microsoft Wordpad Word 97θ½¬ζ’ε™¨θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄žοΌˆMS09-010οΌ‰
2009-04-16 00:00:00
prion
prion
Stack overflow
2009-04-15 08:00:00
cvelist
cvelist
CVE-2009-0235
2009-04-15 03:49:00
securityvulns
securityvulns
iDefense Security Advisory 04.15.09: Microsoft WordPad Word97 Converter Stack Buffer Overflow Vulnerability
2009-04-16 00:00:00
Microsoft Security Bulletin MS09-010 - Critical Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution &#40;960477&#41;
2009-04-14 00:00:00
Microsoft Wordpad / Microsoft Works multiple security vulnerabilities
2009-06-10 00:00:00
nvd
nvd
CVE-2009-0235
2009-04-15 08:00:00
openvas
openvas
WordPad and Office Text Converter Memory Corruption Vulnerability (960477)
2008-12-12 00:00:00
WordPad and Office Text Converter Memory Corruption Vulnerability (960477)
2008-12-12 00:00:00
threatpost
threatpost
Microsoft plugs gaping holes in IE, Excel, Windows
2009-04-14 17:56:32
nessus
nessus
MS09-010: Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
2009-04-15 00:00:00

EPSS

0.883

Percentile

98.7%

JSON
Related for SAINT:0652E5E0F2FF5BFE43EB807BFF9C1887
checkpoint_advisories1cve1saint3seebug1prion1cvelist1securityvulns3nvd1openvas2threatpost1nessus1