| VID |
26432 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (MS09-027, 969514) for 'Microsoft Office Word Could Allow Remote Code Execution in Microsoft Word' has not been applied.
Arbitrary code can be executed on the remote host through Microsoft
Word. The remote Windows host is running a version of Microsoft Word or Word
Viewer that is affected by two buffer overflow vulnerabilities. If an
attacker can trick a user on the affected host into opening a
specially crafted Word file, he could leverage these issues to execute
arbitrary code subject to the user's privileges.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/ms09-027.mspx
* Platforms Affected:
Microsoft Office Word 2000 SP 3
Microsoft Office Word 2002 SP 3
Microsoft Office Word 2003 SP 3
Microsoft Office Word 2007 SP 1 And SP2
Microsoft Office Word 2007 SP 2
Microsoft Office Word Viewer 2003 Service Pack 3
Microsoft Office Word Viewer
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 And SP2
In Microsoft Windows Any version
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Open XML File Format Converter for Mac
In Mac Any Versio |
| Recommendation |
Apply the appropriate patch (969514) for your system, as listed in Microsoft Security Bulletin MS09-027 at http://www.microsoft.com/korea/technet/security/bulletin/ms09-027.mspx |
| Related URL |
CVE-2008-4024,CVE-2008-4025,CVE-2008-4026,CVE-2008-4027,CVE-2008-4030,CVE-2008-4028,CVE-2008-4031,CVE-2008-4837 (CVE) |
| Related URL |
32579,32580,32581,32583,32584,32585,32594,32642 (SecurityFocus) |
| Related URL |
(ISS) |
|
