Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly parse certain rich text "property strings of certain control words," which allows user-assisted remote attackers to trigger heap corruption and execute arbitrary code, aka the "Word RTF Parsing Vulnerability."
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:27
Type | Values Removed | Values Added |
---|---|---|
References | () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=525 - Patch | |
References | () http://www.kb.cert.org/vuls/id/555489 - US Government Resource | |
References | () http://www.osvdb.org/34388 - | |
References | () http://www.securityfocus.com/archive/1/468871/100/200/threaded - | |
References | () http://www.securityfocus.com/bid/23836 - Patch | |
References | () http://www.securitytracker.com/id?1018013 - Patch | |
References | () http://www.us-cert.gov/cas/techalerts/TA07-128A.html - US Government Resource | |
References | () http://www.vupen.com/english/advisories/2007/1709 - Vendor Advisory | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1900 - |
Information
Published : 2007-05-08 23:19
Updated : 2024-11-21 00:27
NVD link : CVE-2007-1202
Mitre link : CVE-2007-1202
CVE.ORG link : CVE-2007-1202
JSON object : View
Products Affected
microsoft
- works
- word_viewer
- word
CWE
CWE-20
Improper Input Validation