CVE-2009-3135

Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a malformed File Information Block (FIB) structure, aka "Microsoft Office Word File Information Memory Corruption Vulnerability."
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office_word:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_word:2003:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_word_viewer:2003:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*

History

21 Nov 2024, 01:06

Type Values Removed Values Added
References () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=831 - () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=831 -
References () http://osvdb.org/59857 - () http://osvdb.org/59857 -
References () http://secunia.com/advisories/37277 - Vendor Advisory () http://secunia.com/advisories/37277 - Vendor Advisory
References () http://www.securityfocus.com/bid/36950 - () http://www.securityfocus.com/bid/36950 -
References () http://www.securitytracker.com/id?1023158 - () http://www.securitytracker.com/id?1023158 -
References () http://www.us-cert.gov/cas/techalerts/TA09-314A.html - US Government Resource () http://www.us-cert.gov/cas/techalerts/TA09-314A.html - US Government Resource
References () http://www.vupen.com/english/advisories/2009/3194 - Vendor Advisory () http://www.vupen.com/english/advisories/2009/3194 - Vendor Advisory
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-068 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-068 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6555 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6555 -

Information

Published : 2009-11-11 19:30

Updated : 2024-11-21 01:06


NVD link : CVE-2009-3135

Mitre link : CVE-2009-3135

CVE.ORG link : CVE-2009-3135


JSON object : View

Products Affected

microsoft

  • open_xml_file_format_converter
  • office_word
  • office
  • office_word_viewer
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer