Microsoft Works File Converter field length buffer overflow
Added: 02/19/2008CVE: CVE-2008-0108
BID: 27659
OSVDB: 41459
Background
The Microsoft Works File Converter allows Microsoft Office to open Microsoft Works files.Problem
A buffer overflow vulnerability in the Microsoft Works File Converter allows arbitrary command execution when a user opens a .wps file with specially crafted field lengths.Resolution
Apply the update referenced in Microsoft Security Bulletin 08-011.References
http://www.microsoft.com/technet/security/bulletin/ms08-011.mspxLimitations
Exploit works on Microsoft Word 2003 SP3 and requires a user to open the exploit file.Platforms
WindowsBack to exploit index