Intrusion Prevention

MS.Word.WordPerfect.Converter.Parsing.Stack.Overflow

Description

This indicates a possible attack against a stack-based overflow vulnerability in WordPerfect 6.x Converter in Microsoft Office Word 2000 SP3.
The vulnerability is caused by the inability of Microsoft Office Converter to properly check the length field in a WordPerfect 6.x file, leading to possible remote arbitrary code execution.

Affected Products

WordPerfect 6.x Converter in Microsoft Office Word 2000 SP3

Impact

System compromise

Recommended Actions

Please refer to the Microsoft advisory for detailed information and patches:
http://www.microsoft.com/technet/security/Bulletin/MS09-010.mspx

CVE References

CVE-2009-0088