English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Microsoft Word Smart Tag Invalid Length Processing Vulnerability


Secunia ID

SA30975

CVE-ID

CVE-2008-2244

Release Date

09 Jul 2008

Last Change

12 Aug 2008

Criticality

Extremely Critical

Solution Status

Vendor Patch

Software

Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office XP
Microsoft Word 2002
Microsoft Word 2003

Where

From remote

Impact
System access

This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.

Description

A vulnerability has been discovered in Microsoft Word, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error in the processing of smart tag length values, which can be exploited to cause memory corruption via a specially crafted document.

Successful exploitation allows execution of arbitrary code.

NOTE: According to the vendor, the vulnerability is currently being actively exploited.

Solution

Apply patches.

Microsoft Word 2002 SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyId=c7146dfc-e1be-4d13-877b-1d9bcacc4a64

Microsoft Word 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=13a37b76-9fec-426f-8176-3c95f934efe0

Microsoft Word 2003 SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyId=13a37b76-9fec-426f-8176-3c95f934efe0

Reported by

Reported as a 0-day.

Original Advisory

MS08-042 (KB955048):
http://www.microsoft.com/technet/security/Bulletin/MS08-042.mspx

Microsoft:
http://www.microsoft.com/technet/security/advisory/953635.mspx