NO SOLUTION, yet!TITLE:
Microsoft Word Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID:
SA30975
VERIFY ADVISORY:
http://secunia.com/advisories/30975/CRITICAL:
Extremely critical
IMPACT:
System access
WHERE:
>From remote
SOFTWARE:
Microsoft Office XP
http://secunia.com/product/23/Microsoft Word 2002
http://secunia.com/product/2150/DESCRIPTION:
A vulnerability has been reported in Microsoft Word, which can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error and can be
exploited to cause memory corruption via a specially crafted
document.
Successful exploitation allows execution of arbitrary code.
NOTE: According to the vendor, the vulnerability is currently being
actively exploited.
The vulnerability is reported in Microsoft Word 2002 SP3 and is
currently not believed to affect other versions.
SOLUTION:
The vendor suggests viewing Word documents in Microsoft Office Word
2003 Viewer or Microsoft Office Word 2003 Viewer SP3.