Microsoft Security Bulletin MS09-073
Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539)
http://www.microsoft.com/technet/sec.../MS09-073.mspx
Повреждение памяти в Microsoft WordPad и Office Text Converters
http://www.securitylab.ru/vulnerability/388613.php
Rating: Important
Описание:
Уязвимость позволяет удаленному пользователю скомпрометировать целевую систему.
Уязвимость существует из-за ошибки в Wordpad и текстовых Office конвертерах при обработке Word 97 документов. Удаленный пользователь может с помощью специально сформированного документа выполнить произвольный код на целевой системе.
Affected Software:
• Windows Operating System and Components• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
• Microsoft Office• Microsoft Office XP Service Pack 3
• Microsoft Office Word 2002 Service Pack 3
• Microsoft Office 2003 Service Pack 3
• Microsoft Office Word 2003 Service Pack 3
• Microsoft Works 8.5
• Microsoft Office Converter Pack
Non-Affected Software:
• Windows Operating System and Components• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
• Windows 7 for 32-bit Systems
• Windows 7 for x64-based Systems
• Windows Server 2008 R2 for x64-based Systems
• Windows Server 2008 R2 for Itanium-based Systems
• Office and Other Software[indent]• Microsoft Office Word 2007 Service Pack 1 and Microsoft Office Word 2007 Service Pack 2
• Microsoft Office Word Viewer 2003 Service Pack 3
• Microsoft Office Word Viewer
• Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1 and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
• Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
• Microsoft Office 2004 for Mac
• Microsoft Office 2008 for Mac
• Open XML File Format Converter for Mac
• Microsoft Works 9