MicrosoftCVELIST:CVE-2007-1202CVE-2007-1202
Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly parse certain rich text “property strings of certain control words,” which allows user-assisted remote attackers to trigger heap corruption and execute arbitrary code, aka the “Word RTF Parsing Vulnerability.”
References
labs.idefense.com/intelligence/vulnerabilities/display.php?id=525
www.kb.cert.org/vuls/id/555489
www.osvdb.org/34388
www.securityfocus.com/archive/1/468871/100/200/threaded
www.securityfocus.com/bid/23836
www.securitytracker.com/id?1018013
www.us-cert.gov/cas/techalerts/TA07-128A.html
www.vupen.com/english/advisories/2007/1709
docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1900
Related
