فا

‫ Microsoft Office Multiple WordPerfect Document Parsing Vulnerabilities

IRCAD2013112981
ID: IRCAD2013112981
Release Date: 2013-11-12
Criticality level: Highly critical
Software:
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2007
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2013 RT
Description:
Multiple vulnerabilities have been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.
1) An error when parsing WordPerfect documents files (.wpd) and can be exploited to corrupt memory.
2) An error when parsing WordPerfect documents files (.wpd) and can be exploited to cause a stack-based buffer overflow.
3) An error when parsing WordPerfect documents files (.wpd) and can be exploited to cause a heap-based buffer overflow.
Successful exploitation allows execution of arbitrary code.
Solution
Apply updates.
Microsoft Office 2007
Microsoft Office 2010
Microsoft Office 2013
References:
MS13-091 (KB2760494, KB2760415, KB2553284, KB2760781, KB2768005):
Secunia:
http://secunia.com/advisories/55539/

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 25 آبان 1392

امتیاز

امتیاز شما
تعداد امتیازها: 0