(MS09-010) Microsoft WordPad Word 97 Text Converter Stack Overflow Vulnerability (960477)

Overview

A memory corruption vulnerability exists in the WordPad Text Converter for Word 97 which may allow for remote code execution. Successful exploitation would require that a user open a specially-crafted .doc or .rtf file within WordPad. Once opened, memory can become corrupted in a way which may allow for the execution of arbitrary code.

Attack Vector

Maliciously Crafted File

User Interaction

User interaction is needed.

Vendor Status

Responded and patched

Vulnerable Systems

Windows 2003 x64 SP2

Timeline

2008-09-25

A proof of concept has been released.

2008-12-09

Vendor has provided information on the vulnerability.

2009-04-14

Vendor has provided a patch.

Recommendations

The vendor has released a patch to address this issue:
http://www.microsoft.com/technet/security/bulletin/ms09-010.mspx

Additional Resources

Vulnerabilities in WordPad and Office Text Converters could allow Remote Code Execution (960477)
http://www.microsoft.com/technet/security/bulletin/ms09-010.mspx