CVE-2009-0087

5 documents5 sources

Severity

9.3CRITICAL

EPSS

57.1%

top 1.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Office Word

Timeline

PublishedApr 15

Latest updateMay 2

Description

Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a crafted Word 6 file that contains malformed data, aka "WordPad and Office Text Converter Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/office_word2000, 2002+1

🔴Vulnerability Details

GHSA

GHSA-h482-q3rv-49gh: Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the↗2022-05-02

▶

CVEList

CVE-2009-0087: Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the↗2009-04-15

▶

VulnCheck

WordPad and Office Text Converter Memory Corruption Vulnerability↗2009

▶

💥Exploits & PoCs

Exploit-DB

Lizard Cart - Multiple SQL Injections↗2009-12-19

▶