Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0963

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0963
Last Modified 10 Sep 2008 03:28:23
Published 09 Feb 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0963

Summary

Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.

Vulnerable Systems

Application

  • Microsoft Word 2002


References

XF - word-file-parsing-bo(17635)

MS - MS05-023

BUGTRAQ - 20041006 [HV-HIGH] MS Word multiple exceptions, at least one exploitable


Last Updated: 27 May 2016 10:38:50