CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
98.6%
Added: 06/15/2009
CVE: CVE-2009-1533
BID: 35184
OSVDB: 54939
The Microsoft Works File Converter allows Microsoft Office to open Microsoft Works files.
A buffer overflow vulnerability in the Microsoft Works File Converter allows command execution when a user opens a WPS file containing a specially crafted FontName in a Font structure.
Apply the patch referenced in Microsoft Security Bulletin 09-024.
<http://www.microsoft.com/technet/security/bulletin/ms09-024.mspx>
Exploit works on Microsoft Word 2002 SP3 and requires a user to open the exploit file.
Windows XP