|
Answer» TITLE:
Microsoft WORD Unspecified Memory Corruption Vulnerability
SECUNIA ADVISORY ID:
SA27151
VERIFY ADVISORY:
http://secunia.com/advisories/27151/
CRITICAL:
EXTREMELY critical
IMPACT:
System access
WHERE:
>From remote
SOFTWARE:
Microsoft Word 2000
http://secunia.com/product/2149/
Microsoft Word 2002
http://secunia.com/product/2150/
Microsoft OFFICE 2000
http://secunia.com/product/24/
Microsoft Office XP
http://secunia.com/product/23/
Microsoft Office 2004 for Mac
http://secunia.com/product/8713/
DESCRIPTION:
A vulnerability has been reported in Microsoft Word, which can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an ERROR in the handling of Word
documents and can be exploited to corrupt memory when a user opens a
specially crafted Office file.
Successful EXPLOITATION allows execution of arbitrary code.
NOTE: According to Microsoft, this is currently being actively
exploited.
SOLUTION:
Apply patches.
Microsoft Office 2000 SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyId=8B3072FB-5933-47F7-A498-13A93E268E57
Microsoft Office XP SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyId=D6B787BB-03FF-4F67-8B69-6011FB18BA75
Microsoft Office 2004 for Mac:
http://www.microsoft.com/mac/downloads.aspx#Office2004
|
