CVE-2007-0216

Published: Feb 12, 2008Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section length headers, aka "Microsoft Works File Converter Input Validation Vulnerability."

Affected (4)

Products: Microsoft: Office, Works

2 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Microsoft Office	Version 2003 sp2
Microsoft Office	Version 2003 sp3
Microsoft Works	Version 2005
Microsoft Works	Version 8.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (18)

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=659

Source: secure@microsoft.com

http://marc.info/?l=bugtraq&m=120361015026386&w=2

Source: secure@microsoft.com

http://secunia.com/advisories/28904

Source: secure@microsoft.com

Vendor Advisory

http://www.securityfocus.com/bid/27657

Source: secure@microsoft.com

http://www.securitytracker.com/id?1019386

Source: secure@microsoft.com

http://www.us-cert.gov/cas/techalerts/TA08-043C.html

Source: secure@microsoft.com

US Government Resource

http://www.vupen.com/english/advisories/2008/0513/references

Source: secure@microsoft.com

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-011

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5309

Source: secure@microsoft.com

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=659

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=120361015026386&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/28904

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/27657

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1019386

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/cas/techalerts/TA08-043C.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.vupen.com/english/advisories/2008/0513/references

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-011

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5309

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.