Description: A vulnerability has been identified in the WordPerfect converter included in Microsoft Office, which allows malicious documents to execute arbitrary code on a user's system.
The problem is that certain parameters aren't verified properly before the converter processes the document. This allows malicious documents to cause a buffer overflow, which potentially could lead to execution of arbitrary code.
This may be exploited automatically in Internet Explorer by a malicious website because Internet Explorer automatically lanches the helper application which is installed by Microsoft Office.
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.