admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2009/CVE-2009-02xx/CVE-2009-0235.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

166 lines
5.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2009-0235",
"sourceIdentifier": "secure@microsoft.com",
"published": "2009-04-15T08:00:00.563",
"lastModified": "2024-11-21T00:59:24.717",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, related to use of inconsistent integer data sizes for an unspecified length field, aka \"WordPad Word 97 Text Converter Stack Overflow Vulnerability.\""
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el conversor de texto Word 97 en WordPad en Microsoft Windows 2000 SP4, XP SP2 y SP3, y Server 2003 SP1 y SP2 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de ficheros Word 97 manipulados que disparan corrupci\u00f3n de memoria, tambi\u00e9n conocido como \"Vulnerabilidad de desbordamiento de pila en el conversor de texto WordPad Word 97\"."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"baseScore": 9.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
"matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
}
]
}
]
}
],
"references": [
{
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=783",
"source": "secure@microsoft.com"
},
{
"url": "http://osvdb.org/53664",
"source": "secure@microsoft.com"
},
{
"url": "http://www.securityfocus.com/bid/34470",
"source": "secure@microsoft.com"
},
{
"url": "http://www.securitytracker.com/id?1022043",
"source": "secure@microsoft.com"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html",
"source": "secure@microsoft.com",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/1024",
"source": "secure@microsoft.com"
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-010",
"source": "secure@microsoft.com"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5893",
"source": "secure@microsoft.com"
},
{
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=783",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://osvdb.org/53664",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/34470",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securitytracker.com/id?1022043",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/1024",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-010",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5893",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink