09 Jun 2009
11 Jun 2009
Microsoft Office 2000
This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.
Two vulnerabilities have been reported in Microsoft Office Word, which can be exploited by malicious people to compromise a user's system.
1) A boundary error when parsing invalid length fields in certain records can be exploited to cause a stack-based buffer overflow via a specially crafted Word document.
2) Another boundary error when parsing certain records can be exploited to cause a buffer overflow via a specially crafted Word document.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
Microsoft Office Word 2000 SP3:
Microsoft Office Word 2002 SP3:
Microsoft Office Word 2003 SP3:
Microsoft Office Word 2007 SP1:
Microsoft Office Word 2007 SP2:
Microsoft Office 2004 for Mac:
Microsoft Office 2008 for Mac:
Open XML File Format Converter for Mac:
Microsoft Office Word Viewer 2003 SP3:
Microsoft Office Word Viewer:
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1:
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2:
1) ling & wushi of team509, reported via ZDI
MS09-027 (KB969514, KB969600, KB969602, KB969603, KB969604, KB969613, KB969614, KB969661, KB971822, KB971824):