Vulnerability: Arbitrary code execution in Microsoft Word
Danger: High
Number of vulnerabilities: 1
Impact: System Compromise
CWE ID: CWE-119: An error occurred in the buffer
Exploit: PoC code
Affected Products:
- Microsoft Office 2007
- Microsoft Office Word 2007
- Microsoft Office 2010
- Microsoft Word 2010
Affected versions:
- Microsoft Office 2007
- Microsoft Word 2007
- Microsoft Office 2010
- Microsoft Word 2012
Description:
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to insufficient bounds checking when processing tables. Doc files. This can be exploited. Doc file to cause a buffer overflow on the stack and crash the application or execute arbitrary code on the target system.
Manufacturer: Microsoft Corporation
Solution: The way to eliminate the vulnerability does not exist at present.
links:
