---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: Microsoft Word Unspecified Code Execution Vulnerability SECUNIA ADVISORY ID: SA30975 VERIFY ADVISORY: http://secunia.com/advisories/30975/ CRITICAL: Extremely critical IMPACT: System access WHERE: >From remote SOFTWARE: Microsoft Office XP http://secunia.com/product/23/ Microsoft Word 2002 http://secunia.com/product/2150/ DESCRIPTION: A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error and can be exploited to cause memory corruption via a specially crafted document. Successful exploitation allows execution of arbitrary code. NOTE: According to the vendor, the vulnerability is currently being actively exploited. The vulnerability is reported in Microsoft Word 2002 SP3 and is currently not believed to affect other versions. SOLUTION: The vendor suggests viewing Word documents in Microsoft Office Word 2003 Viewer or Microsoft Office Word 2003 Viewer SP3. PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day. ORIGINAL ADVISORY: Microsoft: http://www.microsoft.com/technet/security/advisory/953635.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------