CVE-2008-0105

Microsoft Works File Converter - Remote Code Execution via Crafted WPS File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0105.

AI-analyzed exploit summary This exploit targets a stack overflow vulnerability in the WPS to RTF convert filter in Microsoft Office 2003. It crafts a malicious WPS file with an oversized TEXT section to trigger the overflow, leading to remote code execution.

Description

Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability."

Exploits (1)

exploitdb WORKING POC

clocalwindows

https://www.exploit-db.com/exploits/5107

View Code ZIP pw:eip

This exploit targets a stack overflow vulnerability in the WPS to RTF convert filter in Microsoft Office 2003. It crafts a malicious WPS file with an oversized TEXT section to trigger the overflow, leading to remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Office 2003

No auth needed

Prerequisites: Victim must open the malicious WPS file

MITRE ATT&CK