| Name | MS.Word.WordPerfect.Converter.Parsing.Stack.Overflow |
| Release Date | Jun 23, 2009 |
| Severity | Critical |
| Impact | System compromise |
| Description | This indicates a possible attack against a stack-based overflow vulnerability in WordPerfect 6.x Converter in Microsoft Office Word 2000 SP3.
The vulnerability is caused by the inability of Microsoft Office Converter to properly check the length field in a WordPerfect 6.x file, leading to possible remote arbitrary code execution. |
| Affected Products | WordPerfect 6.x Converter in Microsoft Office Word 2000 SP3 |
| Recommended Actions | Please refer to the Microsoft advisory for detailed information and patches:
http://www.microsoft.com/technet/security/Bulletin/MS09-010.mspx |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-0088
|
| Microsoft Bulletin ID | MS09-010 http://www.microsoft.com/technet/security/Bulletin/ms09-010.mspx |