Windows : Vulnerability in WordPerfect Converter (884933)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.14732

Categoría: Windows

Título: Vulnerability in WordPerfect Converter (884933)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is running a version of Microsoft Office which contains
a flaw in its WordPerfect converter, which might allow an attacker to
execute arbitrary code on the remote host.

To exploit this flaw, an attacker would need to send a specially crafted file
to a user on the remote host and wait for him to open it using Microsoft Office.

When opening the malformed file, Microsoft Office will encounter a buffer
overflow which may be exploited to execute arbitrary code.

Solution : http://www.microsoft.com/technet/security/bulletin/ms04-027.mspx
Risk factor : High

Referencia Cruzada: BugTraq ID: 11172
Common Vulnerability Exposure (CVE) ID: CVE-2004-0573
Bugtraq: 20040914 Microsoft Office WordPerfect Converter Buffer Overflow Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=109519646030906&w=2
CERT/CC vulnerability note: VU#449438
http://www.kb.cert.org/vuls/id/449438
Microsoft Security Bulletin: MS04-027
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021
http://securitytracker.com/id?1011249
http://securitytracker.com/id?1011250
http://securitytracker.com/id?1011251
http://securitytracker.com/id?1011252
http://secunia.com/advisories/12529
XForce ISS Database: wordperfect-converter-message-bo(17306)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17306

Copyright This script is Copyright (C) 2004 Tenable Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.14732
Categoría:	Windows
Título:	Vulnerability in WordPerfect Converter (884933)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is running a version of Microsoft Office which contains a flaw in its WordPerfect converter, which might allow an attacker to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to send a specially crafted file to a user on the remote host and wait for him to open it using Microsoft Office. When opening the malformed file, Microsoft Office will encounter a buffer overflow which may be exploited to execute arbitrary code. Solution : http://www.microsoft.com/technet/security/bulletin/ms04-027.mspx Risk factor : High
Referencia Cruzada:	BugTraq ID: 11172 Common Vulnerability Exposure (CVE) ID: CVE-2004-0573 Bugtraq: 20040914 Microsoft Office WordPerfect Converter Buffer Overflow Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=109519646030906&w=2 CERT/CC vulnerability note: VU#449438 http://www.kb.cert.org/vuls/id/449438 Microsoft Security Bulletin: MS04-027 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021 http://securitytracker.com/id?1011249 http://securitytracker.com/id?1011250 http://securitytracker.com/id?1011251 http://securitytracker.com/id?1011252 http://secunia.com/advisories/12529 XForce ISS Database: wordperfect-converter-message-bo(17306) https://exchange.xforce.ibmcloud.com/vulnerabilities/17306
Copyright	This script is Copyright (C) 2004 Tenable Network Security