MS.Word.WordPerfect.Converter.Parsing

NameMS.Word.WordPerfect.Converter.Parsing.Stack.Overflow
Release DateJun 23, 2009
SeverityCritical
ImpactSystem compromise
DescriptionThis indicates a possible attack against a stack-based overflow vulnerability in WordPerfect 6.x Converter in Microsoft Office Word 2000 SP3.

The vulnerability is caused by the inability of Microsoft Office Converter to properly check the length field in a WordPerfect 6.x file, leading to possible remote arbitrary code execution.
Affected ProductsWordPerfect 6.x Converter in Microsoft Office Word 2000 SP3
Recommended ActionsPlease refer to the Microsoft advisory for detailed information and patches:
http://www.microsoft.com/technet/security/Bulletin/MS09-010.mspx
Common Vulnerabilities and Exposures (CVE)http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-0088
Microsoft Bulletin IDMS09-010   http://www.microsoft.com/technet/security/Bulletin/ms09-010.mspx
Reference: VID-17391