Spyware Doctor
Spyware Doctor with AntiVirus
PC Tools AntiVirus
PC Tools Internet Security
PC Tools Firewall Plus
ThreatFire
Spam Monitor
Registry Mechanic
Desktop Maestro
File Recover
Privacy Guardian
Spyware Doctor Enterprise
Help me choose
Malformed Conversion Data Vulnerability
A security vulnerability exists in a utility that converts Japanese, Korean and Chinese Word 5 documents to more-recent formats which could allow arbitrary code to be executed on a machine that opened a specially modified document.
Issue
Microsoft Office includes a conversion utility that converts older Word documents to more recent formats. The conversion utility for Word 5 documents in East Asian languages (Japanese, Korean, Simplified Chinese and Traditional Chinese) has an unchecked buffer. By using a hexadecimal editor to insert specially malformed information into a document, a malicious user could cause Word to run code of his or her choice when the document was opened using an affected version of the converter.
A Word 5 converter installs by default as part of Word and PowerPoint, and can be installed at user behest as part of a converter pack. However, the vulnerability affects only the East Asian language versions of the converter, and only the Windows versions of them. No other language versions of the converter are affected, and no version of the converter for Macintosh is affected.
Affected Products
- Microsoft Converter Pack 2000 for Windows
Microsoft Office 2000 for Windows with Multilanguage pack
Download
Patch: http://officeupdate.microsoft.com/2000/downloaddetails/ww5pkg.htm
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: January 20, 2000
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
