Info

Disclosure

Oct 16, 2003

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in Microsoft Word as an attacker can create a Word document containing a long macro name. This would overflow a buffer and allow the attacker to execute arbitrary code on the system, change data or security settings, once the victim opens the document. An attacker could exploit this vulnerability by creating a malicious Web page or by sending it to a victim as an HTML email.

Classification

Attack Type: Input Manipulation

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Office	2000
		97
		98
	Word	2000
		97
		98
	Works Suite	2000
		2001
		2002
		2004

References

Secunia Advisory ID: 10020
Vendor Specific Solution URL: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/Bulle ......
Other Advisory URL: http://www.security.nnov.ru/search/document.asp?docid=5243
Microsoft Security Bulletin: MS03-050

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Office

Word

Works Suite

References

Credit