CVE-2009-3135
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a malformed File Information Block (FIB) structure, aka "Microsoft Office Word File Information Memory Corruption Vulnerability."
Un desbordamiento de búfer en la región stack de la memoria en Office Word 2002 SP3 y 2003 SP3, Office 2004 y 2008 para Mac, Open XML File Format Converter para Mac, Office Word Viewer 2003 SP3 y Office Word Viewer, de Microsoft, permiten a los atacantes remotos ejecutar código arbitrario por medio de un Documento de Word con una estructura de Bloque de Información de Archivo (FIB) malformado, también se conoce como "Microsoft Office Word File Information Memory Corruption Vulnerability".
CVSS Scores
SSVC
- Decision:-
Timeline
- 2009-09-10 CVE Reserved
- 2009-11-11 CVE Published
- 2024-08-07 CVE Updated
- 2024-10-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=831 | Third Party Advisory | |
| http://osvdb.org/59857 | Vdb Entry | |
| http://www.securityfocus.com/bid/36950 | Vdb Entry | |
| http://www.securitytracker.com/id?1023158 | Vdb Entry | |
| http://www.us-cert.gov/cas/techalerts/TA09-314A.html | Third Party Advisory | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6555 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/37277 | 2018-10-12 | |
| http://www.vupen.com/english/advisories/2009/3194 | 2018-10-12 | |
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-068 | 2018-10-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2004 Search vendor "Microsoft" for product "Office" and version "2004" | mac |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2008 Search vendor "Microsoft" for product "Office" and version "2008" | mac |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Word Search vendor "Microsoft" for product "Office Word" | 2002 Search vendor "Microsoft" for product "Office Word" and version "2002" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Word Search vendor "Microsoft" for product "Office Word" | 2003 Search vendor "Microsoft" for product "Office Word" and version "2003" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Word Viewer Search vendor "Microsoft" for product "Office Word Viewer" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Word Viewer Search vendor "Microsoft" for product "Office Word Viewer" | 2003 Search vendor "Microsoft" for product "Office Word Viewer" and version "2003" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Open Xml File Format Converter Search vendor "Microsoft" for product "Open Xml File Format Converter" | * | mac |
Affected
| ||||||