Ravens PHP Scripts

Microsoft Word Unspecified Code Execution Vulnerability
Date: Friday, January 26, 2007 @ 05:43:27 CET
Topic: Security


VERIFY ADVISORY: http://secunia.com/advisories/23950/

CRITICAL: Extremely critical

IMPACT: System access

Microsoft Office 2000 - http://secunia.com/product/24/
Microsoft Word 2000 - http://secunia.com/product/2149/

DESCRIPTION: A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error when parsing Word documents and can be exploited to execute arbitrary code on the user's system. NOTE: The vulnerability is currently being actively exploited. The vulnerability is reported in Microsoft Word 2000. Other versions may also be affected.

SOLUTION: Do not open untrusted Office documents.

PROVIDED AND/OR DISCOVERED BY: Discovered as a 0-day.

OTHER REFERENCES: Symantec: http://www.symantec.com/security_response/writeup.jsp?docid=2007-011813-0435-99&tabid=1

This article comes from Ravens PHP Scripts

The URL for this story is: