Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote malicious users to execute arbitrary code via a DOC file with an invalid number of property names in the DocumentSummaryInformation stream, which triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows_xp |
||
microsoft windows_2000 |
||
microsoft windows_server_2003 |
||
microsoft works 8.5 |
||
microsoft office_converter_pack |
||
microsoft office_word 2002 |
||
microsoft office_word 2003 |
||
microsoft wordpad |