Oval Definition:oval:org.mitre.oval:def:5846
Revision Date:2015-08-10Version:15
Title:WordPad and Office Text converter Memory Corruption Vulnerability
Description:Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in the DocumentSummaryInformation stream, which triggers a heap-based buffer overflow.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-2506
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):Microsoft Office Converter Pack
Microsoft Word 2002
Microsoft Word 2003
Microsoft Works 8.5
Definition Synopsis
  • Windows 2000 SP4, Windows XP x86 SP3, Windows Server 2003 x86 SP2
  • Check for Windows 2004 SP4, XP SP3 or 2003 SP2
  • Microsoft Windows 2000 SP4 or later is installed
  • OR Microsoft Windows XP (x86) SP3 is installed
  • OR Microsoft Windows Server 2003 SP2 (x86) is installed
  • AND the version of msconv97.dll is less than 2003.1100.8165.0
  • AND Microsoft Office Converter Pack is installed
  • OR Windows XP x64 SP2, Windows Server 2003 x64/ia64 SP2
  • Check for Windows XP (x64) SP2 or 2003 (x64) SP2
  • Microsoft Windows XP x64 Edition SP2 is installed
  • OR Microsoft Windows Server 2003 SP2 (x64) is installed
  • OR Microsoft Windows Server 2003 (ia64) SP2 is installed
  • AND the version of msconv97.dll is less than 2003.1100.8165.0
  • AND Microsoft Office Converter Pack is installed
  • OR Microsoft Office Word 2002
  • Microsoft Word 2002 is installed
  • AND the version of Mswrd632.cnv is less than 2003.1100.8245.0
  • OR Microsoft Office Word 2003
  • Microsoft Word 2003 is installed
  • AND the version of Mswrd832.cnv is less than 2003.1100.8313.0
  • OR Microsoft Works 8.5
  • Microsoft Works 8.5 is installed
  • AND the version of msconv97.dll is less than 2003.1100.8202.0
  • OR Microsoft Office Converter Pack
  • Microsoft Office Converter Pack is installed
  • AND Microsoft Office 2003 is installed
  • AND the version of msconv97.dll is less than 2003.1100.8202.0
    • BACK