Microsoft Office 2003 WPS file reading stack overflow exploit that launches calc.exe.
204078ab39d2ecc5b246fa57f02d22aff5e783cfaed8c940cde5d6f71e396d3eiDefense Security Advisory 02.12.08 - Remote exploitation of a buffer overflow vulnerability in Microsoft Corp.'s Works Converter allows attackers to execute arbitrary code as the current user. This vulnerability stems from improper input validation of section length headers when converting a Microsoft Works document (WPS extension) to Rich Text Format (RTF). When certain fields are modified, such as the length or count values, a stack-based buffer overflow occurs. This leads to a directly exploitable condition. iDefense confirmed that wkcvqd01.dll version 7.03.0616.0, as included with Microsoft Office 2003, is vulnerable. Older versions of Microsoft Office as well as Microsoft Works are also assumed vulnerable.
207cf5b468a23064f67c4182942fefed2de146debb30ce9c6b79cfdd7b4223b3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed