MS08-011: Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081)
High Nessus Plugin ID 33107
SynopsisArbitrary code can be executed on the remote host through Microsoft Office.
DescriptionThe remote host is running a version of Microsoft Office Works Converter that may allow arbitrary code to be run.
To succeed, the attacker would have to send a rogue file to a user of the remote computer and have him open it. Then a bug in the wps header handler would result in code execution.
SolutionMicrosoft has released a set of patches for Office 2003, Works 8.0 and Works 2005.