Family: Windows : Microsoft Bulletins --> Category: infos
Vulnerability in WordPerfect Converter (884933) Vulnerability Scan
Vulnerability Scan Summary
Acertains the version of MSCONV97.dll
Detailed Explanation for this Vulnerability Test
Arbitrary code can be executed on the remote host through Office.
The remote host is running a version of Microsoft Office which contains
a flaw in its WordPerfect converter, which might allow a possible hacker to
execute arbitrary code on the remote host.
To exploit this flaw, a possible hacker would need to send a specially crafted file
to a user on the remote host and wait for him to open it using Microsoft Office.
When opening the malformed file, Microsoft Office will encounter a buffer
overflow which may be exploited to execute arbitrary code.
Microsoft has released a set of patches for Office 2000, XP and 2003 :
High / CVSS Base Score : 8
Click HERE for more information and discussions on this network vulnerability scan.