Thread: Microsoft Word Unspecified Code Execution Vulnerability
View Single Post
Old 26-01-2007, 10:35   #1
pedantic
Inactive
 
Join Date: Mar 2004
Location: Swinton
Services: O2 standard
Posts: 2,499
pedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronze
pedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronze
Send a message via Yahoo to pedantic
Microsoft Word Unspecified Code Execution Vulnerability
Linky

Quote:
Secunia Advisory: SA23950
Release Date: 2007-01-26


Critical: Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Quote:
Description:
A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error when parsing Word documents and can be exploited to execute arbitrary code on the user's system.

NOTE: The vulnerability is currently being actively exploited.

The vulnerability is reported in Microsoft Word 2000. Other versions may also be affected.

Solution:
Do not open untrusted Office documents.
pedantic is offline   Reply With Quote