MS.Works.File.Converter.Chunk.Field.Length.Weakness

description-logoDescription

This indicates an attempt to exploit one of several remote command-execution vulnerabilities in Microsoft Office, Works, and Works Suite.
The vulnerabilities are caused by an error that occurs when the vulnerable software handles a malicious .WPS file. It allows a remote attacker to execute arbitrary code by opening a crafted .WPS file.

affected-products-logoAffected Products

Microsoft Office 2003 Service Pack 2
Microsoft Office 2003 Service Pack 3
Microsoft Works 8.0
Microsoft Works Suite 2005
Microsoft Works 6 File Converter

Impact logoImpact

System compromise

recomended-action-logoRecommended Actions

Apply the patch available from the web site:
http://www.microsoft.com/technet/security/bulletin/ms08-011.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)