Remote Code Execution in Microsoft Word

Reported July 12, 2005 by Microsoft

VERSIONS AFFECTED



Microsoft Office 2000
Microsoft Office XP
Microsoft Works Suites

DESCRIPTION

The font parsing process within Microsoft Word contains a flaw that could allow a remote intruder to take complete control of an affected system.

VENDOR RESPONSE

Microsoft released a security bulletin, "Vulnerability in Microsoft Word Could Allow Remote Code Execution (903672)," and an associated patch to correct the problem.

CREDIT

Discovered by Lord Yup and reported by iDEFENSE

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish