Internet threat level: 1
Home→Descriptions→SA13462
Microsoft Word for Windows Converter Buffer Overflow Vulnerabilities
| Secunia ID | |
| CVE-ID | |
| Release Date |
14 Dec 2004 |
| Last Change |
15 Dec 2004 |
| Criticality | |
| Solution Status |
Vendor Patch |
| Where | |
| Impact |
System accessThis covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. |
| Description |
Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to boundary errors in the table and font conversion in the Word for Windows 6.0 converter. This can be exploited to cause a buffer overflow by e.g. tricking a user into opening a malicious ".wri", ".rtf", or ".doc" document in WordPad. Successful exploitation allows execution of arbitrary code. NOTE: Exploitation requires that the handler for Word for Windows 6.0 converter is enabled. |
| Solution |
Apply patches. Microsoft Windows NT Server 4.0 (requires Service Pack 6a): Microsoft Windows NT Server 4.0 Terminal Server Edition (requires Service Pack 6): Microsoft Windows 2000 (requires Service Pack 3 or Service Pack 4): Microsoft Windows XP (requires Service Pack 1 or Service Pack 2): Microsoft Windows XP 64-Bit Edition (requires Service Pack 1): Microsoft Windows XP 64-Bit Edition Version 2003: Microsoft Windows Server 2003: Microsoft Windows Server 2003 64-Bit Edition: For other versions of Microsoft Windows, disable the Word for Windows converter. |
| Reported by |
Greg Jones of KPMG UK and Lord Yup. |
| Original Advisory |
MS04-041 (KB885836): iDEFENSE: |
© 1997-2012 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.