MS09-010: Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
High Nessus Plugin ID 36148
SynopsisIt is possible to execute arbitrary code on the remote Windows host using a text converter.
DescriptionThe remote host contains a version of the Microsoft WordPad and/or Microsoft Office text converters that could allow remote code execution if a specially crafted file is opened.
SolutionMicrosoft has released a set of patches for Office 2000 and XP as well as the Office 2003 File Converter Pack.