CVE-2003-0666
published 2003-10-20CVE-2003-0666: Buffer overflow in Microsoft Wordperfect Converter allows remote attackers to execute arbitrary code via modified data offset and data size parameters in a…
PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
21.42%
97.3th percentile
Buffer overflow in Microsoft Wordperfect Converter allows remote attackers to execute arbitrary code via modified data offset and data size parameters in a Corel WordPerfect file.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036)
exploitdb·2003-09-06
CVE-2003-0666 Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036)
Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036)
---
/******************************************************************/
/* Microsoft WordPerfect Document Converter Buffer Overflow Exploit MS03-036 */
/* */
/* Exploit with several targets */
/* */
/* Find your own return address with : */
/* findhex dllname FF D4 (call esp) */
/* findhex dllname FF E4 (jmp esp) */
/* */
/* Credits : */
/* vulnerability : Yuji "The Ninja" Ukai */
/* findhex : Jason Jordan */
/* sk scan-associates.net */
/* shellcode : metasploit */
/* exploit : valgasu - RstAck */
/* */
/******************************************************************/
#include
#include
#include
#include
#pragma comment(lib,"ws2_32")
/* eip offset for Word 2
Exploit-DB
Microsoft WordPerfect - Converter Buffer Overrun
exploitdb·2003-09-03
CVE-2003-0666 Microsoft WordPerfect - Converter Buffer Overrun
Microsoft WordPerfect - Converter Buffer Overrun
---
source: https://www.securityfocus.com/bid/8538/info
The Microsoft WordPerfect Converter, which ships with Office and a number of other products, is prone to a buffer overrun vulnerability. This could result in execution of malicious, attacker-supplied code when a document with malformed parameters is processed by the component. Exploitation would permit an attacker to execute arbitrary code with the privileges of the user opening the malformed document.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23096.zip
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0092.htmlhttp://marc.info/?l=bugtraq&m=106261952827573&w=2http://marc.info/?l=bugtraq&m=106279971612961&w=2https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-036http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0092.htmlhttp://marc.info/?l=bugtraq&m=106261952827573&w=2http://marc.info/?l=bugtraq&m=106279971612961&w=2https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-036
2003-10-20
Published