1. CVE-Search
  2. CVE-2009-0563
ID CVE-2009-0563
Summary Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a crafted tag containing an invalid length field, aka "Word Buffer Overflow Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office_word_viewer:2003:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office_word_viewer:2003:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office_word_viewer:-:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office_word_viewer:-:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office:2008:*:*:*:*:macos:*:*
    cpe:2.3:a:microsoft:office:2008:*:*:*:*:macos:*:*
  • cpe:2.3:a:microsoft:open_xml_file_format_converter:-:*:*:*:*:macos:*:*
    cpe:2.3:a:microsoft:open_xml_file_format_converter:-:*:*:*:*:macos:*:*
  • cpe:2.3:a:microsoft:office:2004:*:*:*:*:macos:*:*
    cpe:2.3:a:microsoft:office:2004:*:*:*:*:macos:*:*
CVSS
Base: 9.3 (as of 28-06-2024 - 14:15)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
msbulletin via4
bulletin_id MS09-027
bulletin_url
date 2009-06-09T00:00:00
impact Remote Code Execution
knowledgebase_id 969514
knowledgebase_url
severity Critical
title Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution
oval via4
accepted 2014-06-30T04:11:15.588-04:00
class vulnerability
contributors
  • name Dragos Prisaca
    organization Gideon Technologies, Inc.
  • name Brendan Miles
    organization The MITRE Corporation
  • name Sharath S
    organization SecPod Technologies
  • name Pradeep R B
    organization SecPod Technologies
  • name Shane Shaffer
    organization G2, Inc.
  • name Josh Turpin
    organization Symantec Corporation
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Microsoft Word 2002 is installed
    oval oval:org.mitre.oval:def:973
  • comment Microsoft Word 2003 is installed
    oval oval:org.mitre.oval:def:475
  • comment Microsoft Word Viewer is installed
    oval oval:org.mitre.oval:def:737
  • comment Microsoft Word 2007 is installed
    oval oval:org.mitre.oval:def:2074
  • comment Microsoft Office Compatibility Pack is installed
    oval oval:org.mitre.oval:def:1853
description Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a crafted tag containing an invalid length field, aka "Word Buffer Overflow Vulnerability."
family windows
id oval:org.mitre.oval:def:6133
status accepted
submitted 2009-06-09T14:00:00
title Word Buffer Overflow Vulnerability
version 28
refmap via4
bid 35188
bugtraq 20090610 ZDI-09-035: Microsoft Word Document Stack Based Buffer Overflow Vulnerability
cert TA09-160A
misc http://www.zerodayinitiative.com/advisories/ZDI-09-035
osvdb 54959
sectrack 1022356
vupen ADV-2009-1546
Last major update 28-06-2024 - 14:15
Published 10-06-2009 - 18:00
Last modified 28-06-2024 - 14:15
Back to Top