CVE-2004-0573

Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://marc.info/?l=bugtraq&m=109519646030906&w=2
http://secunia.com/advisories/12529
http://securitytracker.com/id?1011249
http://securitytracker.com/id?1011250
http://securitytracker.com/id?1011251
http://securitytracker.com/id?1011252
http://www.kb.cert.org/vuls/id/449438	US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027
https://exchange.xforce.ibmcloud.com/vulnerabilities/17306
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021
http://marc.info/?l=bugtraq&m=109519646030906&w=2
http://secunia.com/advisories/12529
http://securitytracker.com/id?1011249
http://securitytracker.com/id?1011250
http://securitytracker.com/id?1011251
http://securitytracker.com/id?1011252
http://www.kb.cert.org/vuls/id/449438	US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027
https://exchange.xforce.ibmcloud.com/vulnerabilities/17306
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:frontpage:2000:::::::*
	cpe:2.3:a:microsoft:frontpage:2002:::::::*
	cpe:2.3:a:microsoft:frontpage:2003:::::::*
	cpe:2.3:a:microsoft:office:2000:::::::*
	cpe:2.3:a:microsoft:office:2003:::::::*
	cpe:2.3:a:microsoft:office:xp:::::::*
	cpe:2.3:a:microsoft:publisher:2000:::::::*
	cpe:2.3:a:microsoft:publisher:2002:::::::*
	cpe:2.3:a:microsoft:publisher:2003:::::::*
	cpe:2.3:a:microsoft:word:2000:::::::*
	cpe:2.3:a:microsoft:word:2002:::::::*
	cpe:2.3:a:microsoft:word:2003:::::::*
	cpe:2.3:a:microsoft:works:2001:::::::*
	cpe:2.3:a:microsoft:works:2002:::::::*
	cpe:2.3:a:microsoft:works:2003:::::::*
	cpe:2.3:a:microsoft:works:2004:::::::*

History

20 Nov 2024, 23:48

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=109519646030906&w=2 -~~	() http://marc.info/?l=bugtraq&m=109519646030906&w=2 -
References	~~() http://secunia.com/advisories/12529 -~~	() http://secunia.com/advisories/12529 -
References	~~() http://securitytracker.com/id?1011249 -~~	() http://securitytracker.com/id?1011249 -
References	~~() http://securitytracker.com/id?1011250 -~~	() http://securitytracker.com/id?1011250 -
References	~~() http://securitytracker.com/id?1011251 -~~	() http://securitytracker.com/id?1011251 -
References	~~() http://securitytracker.com/id?1011252 -~~	() http://securitytracker.com/id?1011252 -
References	~~() http://www.kb.cert.org/vuls/id/449438 - US Government Resource~~	() http://www.kb.cert.org/vuls/id/449438 - US Government Resource
References	~~() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027 -~~	() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/17306 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/17306 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021 -

Information

Published : 2004-09-28 04:00

Updated : 2025-04-03 01:03

NVD link : CVE-2004-0573

Mitre link : CVE-2004-0573

CVE.ORG link : CVE-2004-0573

JSON object : View

Products Affected

microsoft

office
frontpage
works
publisher
word

CWE

NVD-CWE-Other

{"id": "CVE-2004-0573", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2004-09-28T04:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=109519646030906&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/12529", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1011249", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1011250", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1011251", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1011252", "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/449438", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17306", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=109519646030906&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/12529", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1011249", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1011250", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1011251", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1011252", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/449438", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17306", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el convertidor de Microsoft WordPerfect 5.x en Office 2000, Office XP, Offiece 2003 y las suites Works 2001 a 2004 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un documento o un sitio web malicioso."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:frontpage:2000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2C6629C-BF53-49A1-B32C-A828CA0A0500"}, {"criteria": "cpe:2.3:a:microsoft:frontpage:2002:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6548F837-A687-4EEF-B754-DAA834B34FA3"}, {"criteria": "cpe:2.3:a:microsoft:frontpage:2003:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C79FEE1-70A3-4A48-BE7B-0D18F0A5FA7F"}, {"criteria": "cpe:2.3:a:microsoft:office:2000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9A82D13-513C-46FA-AF51-0582233E230A"}, {"criteria": "cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB7EA4CC-E705-42DB-86B6-E229DA36B66D"}, {"criteria": "cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34FA62BE-D804-402D-9BDD-68BC70ECCD76"}, {"criteria": "cpe:2.3:a:microsoft:publisher:2000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95648599-D3B3-4043-821C-D385FB7A77CB"}, {"criteria": "cpe:2.3:a:microsoft:publisher:2002:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99ED878A-CFC5-4FD5-A403-EB16CC4F8BC0"}, {"criteria": "cpe:2.3:a:microsoft:publisher:2003:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "617E8BE3-8AD0-42FC-BDEE-6B1F120AE512"}, {"criteria": "cpe:2.3:a:microsoft:word:2000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEBFF713-0884-43BF-9AB8-777664FD64AF"}, {"criteria": "cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D90B1E1-23CD-4595-AD78-DA1758E9896D"}, {"criteria": "cpe:2.3:a:microsoft:word:2003:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "379C2A4A-78EF-473D-954B-F5DD76C3D6CF"}, {"criteria": "cpe:2.3:a:microsoft:works:2001:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4ADD440-2CF5-4BC9-8C48-91CF8D5500BD"}, {"criteria": "cpe:2.3:a:microsoft:works:2002:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17037BD9-742D-42E2-98CC-C764E6F71957"}, {"criteria": "cpe:2.3:a:microsoft:works:2003:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B77363A-53A3-4CFC-87E0-B7D33445ACEF"}, {"criteria": "cpe:2.3:a:microsoft:works:2004:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F98B6FDD-E9AA-49A4-8D9C-422DF5520A66"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

7.5 /10