Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:5103
HistoryApr 25, 2009 - 12:00 a.m.

Microsoft写字板和Office文本转换器内存破坏漏洞(MS09-010)

2009-04-2500:00:00
Root
www.seebug.org
16

0.743 High

EPSS

Percentile

98.2%

JSON

BUGTRAQ ID: 29769
CVE(CAN) ID: CVE-2009-0087

写字板是Windows操作系统中附件所提供的简单文本编辑工具。

如果用户打开了包含有畸形数据的特制Word 6文件的话,写字板和Microsoft Office中的内存破坏漏洞可能导致执行任意代码。

Microsoft Windows XP SP3
Microsoft Windows XP SP2
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows 2000SP4
Microsoft Word 2002 SP3
Microsoft Word 2000 SP3
临时解决方法:

  • 不要使用受影响版本的写字板或Microsoft Office打开或保持从不可信任来源接收到的或从可信任来源意外接收到的Microsoft Office文件。

  • 通过限制访问禁用Word 6转换器:

echo y| cacls "%ProgramFiles%\Windows NT\Accessories\mswrd6.wpc" /E /P everyone:N
echo y| cacls "%ProgramFiles%\Common Files\Microsoft Shared\TextConv\mswrd632.wpc" /E /P everyone:N
echo y| cacls "%ProgramFiles%\Common Files\Microsoft Shared\TextConv\mswrd632.cnv" /E /P everyone:N
echo y| cacls "%ProgramFiles(x86)%\Common Files\Microsoft Shared\TextConv\mswrd632.wpc" /E /P everyone:N
echo y| cacls "%ProgramFiles(x86)%\Common Files\Microsoft Shared\TextConv\mswrd632.cnv" /E /P everyone:N
echo y| cacls "%ProgramFiles%\Windows NT\Accessories\mswrd664.wpc" /E /P everyone:N
echo y| cacls "%ProgramFiles(x86)%\Windows NT\Accessories\mswrd6.wpc" /E /P everyone:N

厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS09-010)以及相应补丁:
MS09-010:Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
链接:<a href=“http://www.microsoft.com/technet/security/bulletin/MS09-010.mspx?pf=true” target=“_blank”>http://www.microsoft.com/technet/security/bulletin/MS09-010.mspx?pf=true</a>


                                                http://www.nullcode.com.ar/ncs/crash/video.htm
http://www.nullcode.com.ar/ncs/crash/video.htm
http://www.nullcode.com.ar/ncs/crash/video2.htm
http://www.nullcode.com.ar/ncs/crash/video2.htm

Related

prion 1
cve 1
nvd 1
cvelist 1
checkpoint_advisories 2
openvas 2
securityvulns 2
nessus 1
prion
prion
Memory corruption
2009-04-15 08:00:00
cve
cve
CVE-2009-0087
2009-04-15 08:00:00
nvd
nvd
CVE-2009-0087
2009-04-15 08:00:00
cvelist
cvelist
CVE-2009-0087
2009-04-15 03:49:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Text Converter Integer Underflow Code Execution - Ver2 (CVE-2009-0087)
2014-03-03 00:00:00
Microsoft Word 6 and Windows Write Converters Memory Corruption (MS09-010; CVE-2009-0087)
2009-04-14 00:00:00
openvas
openvas
WordPad and Office Text Converter Memory Corruption Vulnerability (960477)
2008-12-12 00:00:00
WordPad and Office Text Converter Memory Corruption Vulnerability (960477)
2008-12-12 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS09-010 - Critical Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution &#40;960477&#41;
2009-04-14 00:00:00
Microsoft Wordpad / Microsoft Works multiple security vulnerabilities
2009-06-10 00:00:00
nessus
nessus
MS09-010: Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
2009-04-15 00:00:00

0.743 High

EPSS

Percentile

98.2%

JSON
Related for SSV:5103
prion1cve1nvd1cvelist1checkpoint_advisories2openvas2securityvulns2nessus1