PROBLEM:
A vulnerability was reported in Microsoft Word. A remote user can cause arbitrary code to be executed on the target user's system.
PLATFORM:
Office XP; possibly other versions
ABSTRACT:
Microsoft Word Unspecified Flaw Lets Remote Users Execute Arbitrary Code.
reference LINKS:
Secunia Advisory: SA44923
SecurityTracker Alert ID: 1025675
Bugtraq ID: 48261
TSL ID: TSL20110614-02
PRL: 2011-07
IMPACT ASSESSMENT:
High
Discussion:
A code execution vulnerability has been reported in Microsoft Office Word. The vulnerability is due to memory corruption when parsing a specially crafted Word file.
Impact:
An attacker can exploit this vulnerability to execute arbitrary code in the context of the current user by enticing them to open a specially crafted Word document. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 10.6866.6870. Other versions may also be affected.
Solution:
Do not open Office files from untrusted sources. No solution was available at the time of this entry.