|
Microsoft Windows WordPad / Office Text Converters Vulnerabilities
|
|
Secunia Advisory:
|
SA32997
|
|
|
Release Date:
|
2008-12-09
|
|
Last Update:
|
2009-04-16
|
|
Popularity:
|
9,592 views
|
|
|
Critical:
|
Extremely critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Storage Server 2003
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
|
|
| Software: | Microsoft Office 2000
Microsoft Office File Converter Pack
Microsoft Office XP
Microsoft Word 2000
Microsoft Word 2002
|
|
|
Binary Analysis:
|
BA717 :: Available for 1 Credit 
BA727 :: Available for 1 Credit
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 2 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Solution:
Apply patches.
Windows 2000 SP4:
http://www.microsoft.com/downloads/de...=552d322a-5282-42c7-9c1e-1d8c494a7318
Windows XP SP2/SP3:
http://www.microsoft.com/downloads/de...=50a8519a-503e-43dd-a78a-c1bc764fd213
Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/de...=323f4211-5add-4e02-bce1-e5a1b489982c
Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/de...=2233a4d2-7c8a-4c89-b020-100d9afb43c8
Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/de...=323f4211-5add-4e02-bce1-e5a1b489982c
Windows Server 2003 with SP1/SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/de...=e840b9cb-f1f4-482a-aa07-eb6b42b477c4
Microsoft Office Word 2000 SP3:
http://www.microsoft.com/downloads/de...=95876927-e612-414c-bdec-3632a3100415
Microsoft Office Word 2002 SP3:
http://www.microsoft.com/downloads/de...=e1db55c6-78fb-498d-89a5-9ad54d971546
Microsoft Office File Converter Pack:
http://www.microsoft.com/downloads/de...=d763fae3-b2af-47f9-a554-ec786766b3c3
Provided and/or discovered by:
1) Reported as a 0-day.
2) The vendor credits Fortinet FortiGuard Global Security Research Team.
3) an anonymous researcher, reported via iDefense
4) Sean Larsson and Jun Mao, iDefense
Changelog:
2008-12-12: Updated "Other References" section.
2009-04-14: Added additional information from Microsoft. Updated "Solution" section.
2009-04-15: Added iDefense link to the "Original Advisory" section.
2009-04-16: Added additional iDefense link to the "Original Advisory" section.
Original Advisory:
MS09-010 (KB960477, KB921606, KB933399, KB960476):
http://www.microsoft.com/technet/security/Bulletin/MS09-010.mspx
Microsoft (KB960906):
http://www.microsoft.com/technet/security/advisory/960906.mspx
iDefense:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=782
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=783
Other References:
US-CERT VU#926676:
http://www.kb.cert.org/vuls/id/926676
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
