Back to search
CVE-2009-0235
Published: Apr 15, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, related to use of inconsistent integer data sizes for an unspecified length field, aka "WordPad Word 97 Text Converter Stack Overflow Vulnerability."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
34470
vdb-entry
x_refsource_BID
1022043
vdb-entry
x_refsource_SECTRACK
TA09-104A
third-party-advisory
x_refsource_CERT
53664
vdb-entry
x_refsource_OSVDB
oval:org.mitre.oval:def:5893
vdb-entry
signature
x_refsource_OVAL
20090414 Microsoft WordPad Word97 Converter Stack Buffer Overflow Vulnerability
third-party-advisory
x_refsource_IDEFENSE
MS09-010
vendor-advisory
x_refsource_MS
ADV-2009-1024
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now