Internet threat level: 1
Home→Descriptions→SA12758
Microsoft Word Document Parsing Buffer Overflow Vulnerabilities
| Secunia ID | |
| CVE-ID | |
| Release Date |
07 Oct 2004 |
| Last Change |
10 Aug 2005 |
| Criticality | |
| Solution Status |
Vendor Patch |
| Software |
Microsoft Office 2000 |
| Where | |
| Impact |
System accessThis covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. |
| Description |
Two vulnerabilities have been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to boundary errors within the parsing of document files. This can be exploited to cause buffer overflows by tricking a user into opening a specially crafted Word document. Successful exploitation allows execution of arbitrary code with the privileges of the user running Microsoft Word. |
| Solution |
Apply patches. Microsoft Word 2000 and Microsoft Works Suite 2001: Microsoft Word 2002, Microsoft Works Suite 2002, Microsoft Works Suite 2003, and Microsoft Works Suite 2004: Microsoft Office Word 2003: Microsoft Word 2003 Viewer: |
| Reported by |
First vulnerability discovered by: Second vulnerability discovered by: |
| Original Advisory |
MS05-023 (KB890169): |
© 1997-2012 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.