SB2009041401 - Multiple vulnerabilities in Microsoft Windows

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2009041401

SB2009041401 - Multiple vulnerabilities in Microsoft Windows

Published: April 14, 2009 Updated: December 13, 2016

Security Bulletin ID SB2009041401
CSH Severity
Critical
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Critical 33% High 67%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 vulnerabilities.


1) Memory corruption (CVE-ID: CVE-2009-0235)

CWE-ID: CWE-119 - Memory corruption

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability alows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists due to buffer overflow when parsing a malformed Word 97 document in Microsoft WordPad. A remote attacker can create a specially crafted Word file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

2) Stack-based buffer overflow (CVE-ID: CVE-2009-0088)

CWE-ID: CWE-121 - Stack-based buffer overflow

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability alows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to stack overflow when parsing a malformed WordPerfect document. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

3) Memory corruption (CVE-ID: CVE-2009-0087)

CWE-ID: CWE-119 - Memory corruption

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red


The vulnerability alows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to buffer overflow when process documents in Microsoft WordPad and Microsoft Office converter. A remote attacker can create a specially crafted Word file containing a malformed data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

Remediation

Install update from vendor's website.

References